Cloud

Table Of Contents
1. Software and Hardware requirements
2. System Analysis and Design
3. Dataflow Diagram
4. Database Design
5. Testing
6. Snapshots
7. Coding
8. Limitations and Drawback
9. Conclusion
10. References
Introduction of the system
Title of the Project: System Based Access Control For Cloud Computing.
System-based access control for cloud computing involves controlling access to cloud resources
based on predefined policies and rules, typically managed centrally by an organization or service
provider. This approach ensures that only authorized users or systems can access specific re-
sources or perform certain actions within a cloud environment. Here's how it typically works:
1. Identity Management: Users and systems are assigned unique identities, such as user-
names, email addresses, or service account identifiers. These identities are typically man-
aged through an identity provider or directory service.
2. Authentication: Before accessing cloud resources, users and systems must prove their
identity through authentication mechanisms like passwords, multi-factor authentication
(MFA), or biometrics. Once authenticated, they receive access tokens or session cookies
that validate their identity for a limited period.
3. Authorization Policies: Authorization policies define what actions users or systems are
allowed to perform and which resources they can access. These policies are typically de-
fined using a combination of attributes such as user roles, group memberships, resource
types, and contextual factors like time of access or network location.
4. Access Control Lists (ACLs): ACLs are used to explicitly specify which users or sys-
tems have permissions to access specific resources. ACLs can be configured at various
levels, such as individual files, folders, or network endpoints, and can grant or deny spe-
cific types of access, such as read, write, or execute permissions.
5. Role-Based Access Control (RBAC): RBAC is a widely used access control model that
assigns permissions to users based on their roles within an organization. Rather than as-
signing permissions directly to individual users, permissions are assigned to roles, and
users are granted access by being assigned to appropriate roles.
6. Attribute-Based Access Control (ABAC): ABAC is a more flexible access control

model that takes into account various attributes of users, resources, and the environment
when making access decisions. Attributes such as user roles, group memberships, re-
source classifications, and environmental conditions are evaluated dynamically to deter-
mine access.
7. Auditing and Logging: Access control systems should log all access attempts and per-
mission changes for audit and compliance purposes. These logs can be used to track user
activities, detect unauthorized access attempts, and investigate security incidents.
8. Continuous Monitoring and Enforcement: Access control policies should be continu-

ously monitored and enforced to ensure compliance with security requirements. This may
involve real-time analysis of access logs, automated enforcement of access policies, and
alerting administrators to potential security risks.
By implementing system-based access control mechanisms like those described above, organiza-
tions can effectively manage access to their cloud resources, protect sensitive data, and mitigate
the risk of unauthorized access or data breaches.
Benefits of System Based Access Control For Cloud Computing
System-based access control for cloud computing provides:

 Enhanced Security: Granular control minimizes unauthorized access.
 Scalability: Adaptable to dynamic cloud environments.
 Centralized Management: Streamlines administration and auditing.
 Integration: Seamlessly integrates with identity providers.
 Risk Mitigation: Reduces insider threats and credential misuse.
 Compliance: Facilitates regulatory adherence through detailed audit logs.
 Cost Efficiency: Optimizes resource utilization and reduces administrative overhead.
Project category:
2-tier application software using ASP.NET with C# as front end and MS SQL Server as DBMS.
The salient Features of the Above Mentioned Tools/Platform are as Follows:
Database is the most important thing in this universe as database gives identity to a thing without data base
existence of a thing in impossible.
While working on this project first step is to design a database.

What is database?
Database is a collection of tables is a collection of records in a tabular form i.e. in rows and columns.
Database can be divided in two parts:
DBMS
RDBMS
We will be using RDBMS (Relational database Management system) in our project i.e. MS SQL Server
2005.
A new feature of the select statement allows a subquery to be used in place of a table in a form clause.
Since we are discussing database, there is one more thing attached to it i.e. Database Models.
Database Models:
There are three kinds of database models:
1. Single tier architecture.

2. Two tier architecture
3. N-tier architecture.
Single Tier Architecture: In this kind of architecture database and client application remains on one ma-
chine i.e. there is no client server technology, there is no centralization of database and basically it is stand-
alone system.
Two-tier Architecture: In this kind of architecture, database and client application is in two different ma-
chines i.e. database on one machine and application on another machine. In this type of architecture there
is client server technology and centralization of database is there.
N-Tier architecture: In this kind of architecture there is a middle-ware in between client and server. Middle
ware checks the validity of the client i.e. whether client access the database or not. Hence there is security
in it as well as middleware allows multiple accesses.
What is Middle-ware?
Middle ware provides centralization of business logic i.e. instead of putting logic on each and every client
machine, we put logic on a centralized server hence middleware is nothing but a server side program.
Where all your business logic and business methods reside .It remains on server side and it has all the logi-
cal building.
Middle client access.
.
We will be using RDBMS in our project i.e. MS SQL Server 2005
Why we are using MS SQL 2005 (RDBMS)?

Some of the merits are:
 Centralization of database.
 Security
 Normalization of Database.
 Relationship
 Transaction Processor.
 It gives some Internet related features.
Hence we are using SQL server as a backend technology.
Introduction to .NET FRAMEWORK

.Net Framework is a software development platform developed by Microsoft for building
and running Windows applications. The .Net framework consists of developer tools, programming lan-
guages, and libraries to build desktop and web applications. It is also used to build websites, web ser-
vices, and games.
The .Net framework was meant to create applications, which would run on the Windows Platform. The
first version of the .Net framework was released in the year 2002. The version was called .Net framework
1.0. The Microsoft .Net framework has come a long way since then, and the current version is .Net
Framework 4.7.2.
The Microsoft .Net framework can be used to create both – Form-based and Web-based applica-
tions. Web services can also be developed using the .Net framework.
The framework also supports various programming languages such as Visual Basic and C#. So develop-
ers can choose and select the language to develop the required application. In this chapter, you will learn
some basics of the .Net framework.
.Net Framework Architecture

.Net Framework Architecture is a programming model for the .Net platform that provides an ex-
ecution environment and integration with various programming languages for simple development and de-
ployment of various Windows and desktop applications. It consists of class libraries and reusable compo-
nents.
The basic architecture of the .Net framework is as shown below.
.Net Framework Architecture Diagram
.NET Components
The architecture of .Net framework is based on the following key components;
1. Common Language Runtime
The “Common Language Infrastructure” or CLI is a platform in .Net architecture on
which the .Net programs are executed.
The CLI has the following key features:
Exception Handling – Exceptions are errors which occur when the application is exe-
cuted.
Examples of exceptions are:
 If an application tries to open a file on the local machine, but the file is not
present.
 If the application tries to fetch some records from a database, but the connection
to the database is not valid.
Garbage Collection – Garbage collection is the process of removing unwanted re-

sources when they are no longer required.
Examples of garbage collection are
 A File handle which is no longer required. If the application has finished all opera-
tions on a file, then the file handle may no longer be required.
 The database connection is no longer required. If the application has finished all
operations on a database, then the database connection may no longer be re-
quired.
Working with Various programming languages –
As noted in an earlier section, a developer can develop an application in a variety

of .Net programming languages.
1. Language – The first level is the programming language itself, the most common
ones are VB.Net and C#.
2. Compiler – There is a compiler which will be separate for each programming
language. So underlying the VB.Net language, there will be a separate VB.Net
compiler. Similarly, for C#, you will have another compiler
3.
Common Language Interpreter – This is the final layer in .Net which would be
used to run a .net program developed in any programming language. So the sub-
sequent compiler will send the program to the CLI layer to run the .Net applica-
tion
2. Class Library
The .NET Framework includes a set of standard class libraries. A class library is a collection of methods
and functions that can be used for the core purpose.
For example, there is a class library with methods to handle all file-level operations. So there is a method
which can be used to read the text from a file. Similarly, there is a method to write text to a file.
Most of the methods are split into either the System.* or Microsoft.* namespaces. (The asterisk * just
means a reference to all of the methods that fall under the System or Microsoft namespace)
A namespace is a logical separation of methods. We will learn these namespaces more in detail in the
subsequent chapters.
3. Languages
The types of applications that can be built in the .Net framework is classified broadly into the following cat-
egories.
WinForms – This is used for developing Forms-based applications, which would run on an end user ma-
chine. Notepad is an example of a client-based application.
ASP.Net – This is used for developing web-based applications, which are made to run on any browser
such as Internet Explorer, Chrome or Firefox.
 The Web application would be processed on a server, which would have Internet Information Ser-
vices Installed.
 Internet Information Services or IIS is a Microsoft component which is used to execute an As-
p.Net application.
 The result of the execution is then sent to the client machines, and the output is shown in the
browser.
ADO.Net – This technology is used to develop applications to interact with Databases such as Oracle or
Microsoft SQL Server.
Microsoft always ensures that .Net frameworks are in compliance with all the supported Windows operat-
ing systems.
Windows Workflow Foundation
Workflow means performing any task in order. It is a set of activities
that is stored as a model and depicts a process. The difference between the
terms Workflow and Activity is that every task can be referred to an activity
and the group of activities depicts a complete workflow. Today, each
application is based on workflow approach and involves some processes to
be executed.
While creating an application, developers are still following the
traditional approach that leads to create steps in the process implicit in the code. This traditional approach
works fine but requires a deep programming logic making the process difficult to change and execute. Win-
dows Workflow Foundation is a programming model for building workflow enabled applications on windows.
One can use the workflow technology to implement the process in an effective manner and without a deep
programming logic. Using this technology, instead of defining the process logic in the code, one can divide
the process in steps and define them explicitly. After having defined the same process logic, it can be exe-
cuted by workflow engine. Workflow engine is an environment used for execution of processes and activi-
ties.
We know that Windows Workflow Foundation is one of the parts of .NET Framework. One of the most
interesting features of WF is the separation between the business process code and the actual implemen-
tation. Before the introduction of Windows Workflow Foundation, you required to write both the business
logic and the actual implementation together as in C#, Visual Basic .NET or other .NET languages which
was very typical. So the business logic was not separated by its implementation. Since the Windows Work-
flow Foundation came into existence, the business logic can be defined in the workflow and the actual im-
plementation is done in Visual Basic .NET, C#, and other .NET languages. In other words, you can say that
‘what is done’ is defined in the workflow and ‘how is done’ in traditional
programming code.
Windows Workflow Foundation contains an execution engine,arules engine, a number of activities, a num-
ber of supporting runtime services, and a designer which allows the developers to design their workflows
graphically in Visual Studio 2005. You can say that it’s a library which contains all the
aforementioned parameters. Though it is not a standalone platform or service, you can add Windows Work-
flow Foundation library in your own application or web site/service. You are also free to replace standard
services, like persistence, scheduling, or tracking with other applications because of modularity of Windows
Workflow Foundation. For the purpose of graphical designing, Windows Workflow Foundation uses the
workflow engine which is designed in such a way that you’ll get a choice between building the workflow as
code constructs or in a declarative fashion using XAML.Workflow engine is not a new technology; it came
into existence in early 2000. In the market, several workflow engines are available for Windows and other
platforms. Today, all applications are based on
Workflow approach. So, defining different engines for different applications is a cumbersome task. To avoid
this, Microsoft has decided to define a single common workflow engine for all the windows-based applica-
tions. This is what the Windows Workflow Foundation (WF) performs. WF provides a common workflow
technology for all the windows-based applications, such as Microsoft Office 2007 and Windows Share Point
Services.
Now the question arises, how this workflow technology meets
the requirements of different workflow applications. This can be answered by understanding how the WF
works. Basically, WF takes each activity as a class and that class comprises of any work which WF finds
necessary. These classes can be used with different application workflows with little modifications.
Figure : Working of Basic Workflow Engine.
WF also addresses the problem of making changes in the running workflows. There are two types of
workflows—Sequential workflow and State machines workflow. WF includes support for both the Work-
flows.
Sequential workflow is the one that performs the execution of the activities in a chronological order. It con-
tains classes, loops and other control structures. This workflow is used by software-based process and is
easy to understand and develop because it has clear start and finish boundaries. Workflow controls execu-
tion in sequential order because in sequential execution one task is executed after other.
State machine workflow is the one that executes activities at a particular time. This time is based on the
event occurred and the state of the machine. This workflow is used when you are not aware of the execu-
tion time. For example, you have created an application and somebody calls the cancel
event. This is less predictable and you are not aware of the exact execution time, but you are interacting
with people at the same time. This interaction demands for state machine workflow. It is more dynamic in
nature.
What is C# ?
C# is one of the languages you can use to create applications that will run in the .NET CLR. It is an evolu-
tion of the C and C++ languages and has been created by Microsoft specifically to work with the .NET plat-
form. Because it is a recent development, the C# language has been designed with hindsight, taking into
account many of the best features from other languages, while clearing up their problems.
You can write different type of application with C# on .NET Framework.
1) Window applications: These are applications, such as Microsoft Office, the have a familiar Win-
dows look and feel about them. This is made simple by using the Windows Forms module of
the .NET Framework, which is a library of controls (such as buttons, toolbars, menus and so on)
that you can use to build a Windows user interface (UI).
2) Web applications: These are web pages such as might through any Web browser. The .NET
Framework includes a powerful system for generating Web content dynamically, allowing personal-
ization, security, and much more. This system is called ASP.NET (Active Server Pages.NET).
3) Web services: These are new and exiting way to create versatile distributed application. Using
Web services you can exchange virtually any data over the internet, using the same simple syntax
regardless of the language used to create a Web service or the system that it resides on.
Event-driven Programming paradigms
In computer programming, event-driven programming or event-based programming is a programming

paradigm in which the flow of the program is determined by events—i.e., sensor outputs or user actions
(mouse clicks, key presses) or messages from other programs or threads.
Event-driven programming can also be defined as an application architecture technique in which the
application has a main loop which is clearly divided down to two sections: the first is event selection (or
event detection), and the second is event handling. In embedded systems the same may be achieved using
interrupts instead of a constantly running main loop; in that case the former portion of the architecture
resides completely in hardware.
Event-driven programs can be written in any language, although the task is easier in languages that
provide high-level abstractions, such as closures. Some integrated development environments provide
code generation assistants that automate the most repetitive tasks required for event handling.
Event handlers
Because the code for checking for events and the main loop does not depend on the application, many
programming frameworks take care of their implementation and expect the user to provide only the code for
the event handlers. In this simple example there may be a call to event handler called OnKeyEnter() that
includes an argument with a string of characters, corresponding to what the user typed before hitting the
ENTER key. If we want to add two numbers we need to use storage outside the event handler, so the
implementation might look like this
Creating event handlers

The first step in developing an event-driven program is to write a series of subroutines, or methods, called
event-handler routines. These routines handle the events that the main program will respond to. For
example, in a GUI program, we might be interested in a single (as opposed to a double) left-button mouse-
click on a command button. So a routine would be written to respond to such an event. The routine might
open another window, save data to a database or exit the application. Many modern day programming
environments provide the programmer with event templates so that the programmer need only supply the
event code.
Binding event handlers
The second step is to bind event handlers to events, so that the correct function is called when the event
takes place.
Graphical editors combine the first two steps: double-click on a button, and the editor creates an (empty)
event handler associated with the user clicking the button and opens a text window so you can edit the
event handler.
Integrated development environment
An integrated development environment (IDE) also known as integrated design environment or integrated
debugging environment is a software application that provides comprehensive facilities to computer
programmers for software development. An IDE normally consists of a:
Source code editor Compiler and/or interpreter Build automation tools Debugger
Overview
IDEs are designed to maximize programmer productivity by providing tightly-knit components with similar
user interfaces. This should mean that the programmer has much less mode switching to do than when
using discrete development programs. However, because an IDE is by its very nature a complicated piece
of software, this high productivity only occurs after a lengthy learning curve.
Typically an IDE is dedicated to a specific programming language, so as to provide a feature set which
most closely matches the programming paradigms of the language. However, some multiple-language
IDEs are in use, such as Eclipse, Active State Komodo, recent versions of Net Beans, Microsoft Visual
Studio and Win Dev.
IDEs typically present a single program in which all development is done. This program typically provides
many features for authoring, modifying, compiling, deploying and debugging software. The aim is to
abstract the configuration necessary to piece together command line utilities in a cohesive unit, which
theoretically reduces the time to learn a language, and increases developer productivity. It is also thought
that the tight integration of development tasks can further increase productivity. For example, code can be
compiled while being written, providing instant feedback on syntax errors. While most modern IDEs are
graphical, IDEs in use before the advent of windowing systems (such as Microsoft Windows or X11) were
text-based, using function keys or hotkeys to perform various tasks (Turbo Pascal is a common example).
This contrasts with software development using unrelated tools, such as vi, GCC or make.
History
GNU Emacs, an extensible editor which is commonly used as an IDE on Unix-like systems
IDEs initially became necessary when developing via a console or terminal. Early languages did not have
one, since they were prepared using flowcharts, coding before being submitted to a compiler [clarification
needed]. Dartmouth BASIC was the first language to be created with an IDE (and was also the first to be
designed for use while sitting in front of a console or terminal). Its IDE (part of the Dartmouth Time Sharing
System) was command-based, and therefore did not look much like the menu-driven, graphical IDEs
prevalent today. However it integrated editing, file management, compilation, debugging and execution in a
manner consistent with a modern IDE.
Integrated development environment

An integrated development environment (IDE) also known as integrated design environment or integrated
debugging environment is a software application that provides comprehensive facilities to computer
programmers for software development. An IDE normally consists of a:
 Source code editor

 Compiler and/or interpreter
 Build automation tools
 Debugger
Source code editor
A source code editor is a text editor program designed specifically for editing source code of computer
programs by programmers. It may be a standalone application or it may be built into an integrated
development environment (IDE).
Source code editors have features specifically designed to simplify and speed up input of source code,
such as syntax highlighting, auto complete and bracket matching functionality. These editors also provide a
convenient way to run a compiler, interpreter, debugger, or other program relevant for software
development process. So, while many text editors can be used to edit source code, if they don't enhance,
automate or ease the editing of code, they are not "source code editors," but simply "text editors that can
also be used to edit source code."
A few source code editors do syntax checking while the programmer types, immediately warning of syntax
problems. A few source code editors compress source code, typically converting common keywords into
single-byte tokens, removing unnecessary whitespace, and converting numbers to a binary form. Such
tokenizing editors later uncompress the source code when viewing it, pretty printing it with consistent
capitalization and spacing. A few source code editors do both.
Compiler
A compiler is a computer program (or set of programs) that transforms source code written in a computer
language (the source language) into another computer language (the target language, often having a
binary form known as object code). The most common reason for wanting to transform source code is to
create an executable program.
The name "compiler" is primarily used for programs that translate source code from a high-level
programming language to a lower level language (e.g., assembly language or machine code). A program
that translates from a low level language to a higher level one is a decompile. A program that translates
between high-level languages is usually called a language translator, source to source translator, or
language converter. A language rewriter is usually a program that translates the form of expressions
without a change of language.
A compiler is likely to perform many or all of the following operations: lexical analysis, preprocessing,
parsing, semantic analysis, code generation, and code optimization.
Program faults caused by incorrect compiler behavior can be very difficult to track down and work around
and compiler implementers invest a lot of time ensuring the correctness of their software.
The term compiler-compiler is sometimes used to refer to a parser generator, a tool often used to help
create a compiler.
Interpreter
In computer science, an interpreter normally means a computer program that executes, i.e. performs,
instructions written in a programming language.
The terms interpreted language or compiled language merely means that the canonical implementation of
that language is an interpreter or a compiler; a high level language is basically an abstraction which is
(ideally) independent of particular implementations.
While interpretation and compilation are the two principal means by which programming languages are
implemented, these are not fully distinct categories, one of the reasons being that most interpreting
systems also perform some translation work, just like compilers. An interpreter may be a program that
either
 executes the source code directly
 translates source code into some efficient intermediate representation (code) and immediately
executes this
 explicitly executes stored precompiled code[1] made by a compiler which is part of the interpreter
system
Perl, Python, MATLAB, and Ruby are examples of type 2, while UCSD Pascal and Java are type 3 and
XML mosaic Interpreter is of type 1.
The intermediate representation can be machine independent code, which is then linked at run-time and
executed by an interpreter and/or compiler (for JIT systems). General purpose market languages, such as
Smalltalk, Java, and others generally employ JIT.
Debugger
A debugger is a computer program that is used to test and debug other programs. The code to be
examined might alternatively be running on an instruction set simulator (ISS), a technique that allows great
power in its ability to halt when specific conditions are encountered but which will typically be much slower
than executing the code directly on the appropriate processor.
When the program crashes, the debugger shows the position in the original code if it is a source-level
debugger or symbolic debugger, commonly seen in integrated development environments. If it is a low-
level debugger or a machine-language debugger it shows the line in the disassembly. (A "crash" happens
when the program cannot continue because of a programming bug. For example, perhaps the program
tried to use an instruction not available on the current version of the CPU or attempted access to
unavailable or protected memory.)
Typically, debuggers also offer more sophisticated functions such as running a program step by step
(single-stepping), stopping (breaking) (pausing the program to examine the current state) at some kind of
event by means of breakpoint, and tracking the values of some variables. Some debuggers have the ability
to modify the state of the program while it is running, rather than merely to observe it.
The importance of a good debugger cannot be overstated. Indeed, the existence and quality of such a tool
for a given language and platform can often be the deciding factor in its use, even if another
language/platform is better-suited to the task. However, it is also important to note that software can (and
often does) behave differently running under a debugger than normally, due to the inevitable changes the
presence of a debugger will make to a software program's internal timing. As a result, even with a good
debugging tool, it is often very difficult to track down runtime problems in complex multi-threaded or
distributed systems.
The same functionality which makes a debugger useful for eliminating bugs allows it to be used as a
software cracking tool to evade copy protection, digital rights management, and other software protection
features.
Most mainstream debugging engines, such as gdb and dbx provide console-based command line
interfaces. Debugger front-ends are popular extensions to debugger engines that provide IDE integration,
animation, and visualization features.
Hardware support for debugging
Most modern microprocessors have at least one of these features in their CPU design to make debugging
easier:
 hardware support for single-stepping a program, such as the trap flag.
 An instruction set that meets the Popek and Goldberg virtualization requirements makes it easier to
write debugger software that runs on the same CPU as the software being debugged; such a CPU
can execute the inner loops of the program under test at full speed, and still remain under the
control of the debugger.
 In-System Programming allows an external hardware debugger to re-program a system under test
(for example, adding or removing instruction breakpoints)
 hardware support for data breakpoints, such as page fault hardware
 JTAG pins, or the newer Nexus or ETM (Embedded Trace Macrocell from ARM) Debug interfaces
List of debuggers
 AppPuncher Debugger (used to debug Rich Internet Applications)

 CA/EZTEST (Cics Interactive test/debug)
 CodeView
 DBG — a PHP Debugger and Profiler
 DBX
 DDD (Data Display Debugger)
 DEBUG — the built-in debugger of DOS and Microsoft Windows
 Distributed Debugging Tool (Allinea DDT)
 DDTLite Allinea DDTLite for Visual Studio 2008
 Dynamic debugging technique (DDT), and its octal counterpart Octal Debugging
Technique
 Eclipse
 TotalView
 GNU Debugger (GDB)
 Parasoft Insure++
 Insight
 Interactive Disassembler (IDA Pro)
 iSYSTEM – In circuit debugger for Embedded Systems
 Embedded System Debug Plug-in for Eclipse
 Java Platform Debugger Architecture
 JSwat — open-source Java debugger
 Nemiver — graphical C/C++ Debugger for the GNOME desktop environment
 MacsBug
 OLIVER (CICS interactive test/debug)
 OllyDbg
 IBM Rational Purify
 RealView Debugger - Commercial debugger produced for and designed by ARM
 sdb
 SIMMON (Simulation Monitor)
 SIMON (Batch Interactive test/debug)
 SoftICE
 Turbo Debugger
 Ups — C, Fortran source level debugger
 WinDbg
 Zeta Debugger
 Valgrind
 VB Watch Debugger — debugger for Visual Basic 6.0
 Microsoft Visual Studio Debugger
 Xdebug — PHP debugger and profiler.
Objectives of the system-based access control for cloud computing
The objectives of system-based access control for cloud computing are:
 Ensure granular control over access to cloud resources.
 Facilitate centralized management of access policies
 Integrate with identity providers for streamlined authentication

.
 Mitigate security risks by enforcing least privilege principles.
 Enable auditing and compliance with regulatory requirements.
 Adapt to evolving security needs and business requirements.
 Enhance efficiency through automation and scalability.
Features of the system
System-based access control for cloud computing typically includes the following fea-
tures:
 Granular Permissions: Offers fine-grained control over who can access specific re-
sources and what actions they can perform.
 Centralized Management: Allows for the centralized administration of access policies

across multiple cloud services and environments.
 Scalability: Scales seamlessly to accommodate changes in user populations, resource

provisioning, and workload distribution.
 Integration: Integrates with existing identity providers and authentication mechanisms

for streamlined user management.
 Adaptability: Easily adaptable to evolving security requirements, business needs, and

regulatory mandates.
 Auditing and Logging: Generates detailed audit logs to track access attempts, permis-
sion changes, and security-relevant events.
 Risk Mitigation: Helps mitigate the risk of insider threats, credential misuse, and unau-
thorized access attempts through role-based and least privilege access controls.
 Compliance: Facilitates compliance with regulatory requirements by enforcing access

control policies and providing audit trails for security audits and reporting.
Report generation:
 Comprehensive Visibility: System-based access control provides detailed logs of user

activities and access attempts, facilitating comprehensive reporting on access patterns,
security incidents, and compliance status.
 Regulatory Compliance: Automated report generation helps organizations demonstrate

compliance with regulatory requirements by documenting access control policies, user
access privileges, and audit trails of access activities.
 Efficient Auditing: System-based access control streamlines auditing processes by au-

tomatically capturing and organizing access logs, reducing the time and effort required to
generate compliance reports and respond to audit inquiries.
 Proactive Security Monitoring: By analyzing access logs and generating actionable in-
sights, system-based access control enables proactive monitoring of security risks,
unauthorized access attempts, and anomalous behavior, enhancing overall security pos-
ture.
 Continuous Improvement: Regular analysis of access control reports allows organiza-

tions to identify areas for improvement, refine access policies, and optimize security con-
trols to mitigate emerging threats and vulnerabilities.
SECURITY
 Granular Permissions: Enables precise control over who can access specific
resources, reducing the risk of unauthorized access.
 Centralized Management: Simplifies administration and ensures consistent en-

forcement of access policies across the entire cloud environment.
 Scalability: Scales seamlessly to accommodate changes in user populations

and resource provisioning without compromising security.
 Auditing and Compliance: Facilitates auditing, logging, and compliance report-
ing by providing detailed records of access attempts and policy enforcement ac-
tions.
 Adaptability: Allows for dynamic adjustment of access policies to address evolv-

ing security requirements and business needs.
Hardware and software requirement specification
Title of the project: System Based Access Control For Cloud Computing.
Project category: Cloud Security.
Tools/Platform:
Front-end: ASP.NET using C#
Back-end: Ms SQL Server 2005
Operating System: windows 10
Hardware requirements:
 SERVER (As per client requirement)
Core i5 processor based.
Intel Original Mother board.
256 GB Solid State Drive.
8GB RAM.
12’’ color monitor.
Keyboard.
Mouse.
 NODES
Intel(R) Core(TM) i5-6300U CPU @ 2.40 GHz.
2 GB Solid State Drive (or above).
32 MB SDRAM.
Monitor color/Mono
Mouse.
Keyboard.
 PRINTER
As per your needs.
System analysis and Design
System analysis and design are very important aspects of any system development process. These two
are the steps of SDLC. SDLC stands for system development life cycle. Which represents the actual pro-
cesses happened during the development of any system.
I have followed “Linear Sequential Model” or “Water-Fall Model” in developing this system. The following
figure shows the SDLC of any system in Linear Sequential system development
Feasibility study
System Analysis
System Coding
Coding
Testing
Implementation
Maintenance
According to the above figure there are seven stages of development processes of a system. Among the
above seven stages, first three ie.feasibility study, system analysis and system design are the most impor-
tant stages. In fact later two analysis and design from the three are the foundation of any system top be de -
veloped .if these two stages are not done properly then it is not possible for the system being developed
will work properly.
Feasibility study
Objective of the study
The objective or the main aim of this study is to ascertain if the current system can be improved in any way
through any means. The part of the system to be improved is the aspect involving the dealings of problems
of customers who may be organization or person or employees.
There are three types of feasibility study, which are:
 Technical feasibility.
 Economical feasibility.
 Legal feasibility.
Technical feasibility
In technical feasibility, we will check the possibility of the technology that support the required system and
functions .in short we will check that whether the system is technically possible.
In technical feasibility all the technical aspects of the project are studied. The considerations that are
normally associated technical feasibility include:
Development Risk Analysis
It was necessary, whether the components and resources are available that can be designed so that nec -
essary functions and performance can be achieved uncovered during analysis.
Resource Availability
It was taken into consideration that whether the system element can be designed so that necessary func -
tions and performance can be achieved uncovered during analysis.
Technology
The relevant technology progressed to a state that will support the system.
Economic Feasibility
It includes an assessment of the economic justification for a computer-based system.
In economical feasibility all the economical aspects of the project are studied. Since in this case there was
not any consideration of money as all the tools used in this project work are already available here like IBM
with windows xp etc.
Legal Feasibility
It includes checking of whether the system is violating any Law of our country or any judiciary act and there
was no violation of any law in concern of this project.
Finding of feasibility Study
Since we were very much clear about the design of the system so in the analysis of development risks we
found that is quite difficult to design the proposed system that is support all the functions desired by the
company in this system.
 All the resources necessary to develop the software were available to me i.e. software case tools,
user manuals or book.
 The present state of technology supports this type of system.
 There was not any problem in economical feasibility of this project, as stated above, all the re -
sources necessary for this project were available.
 Also this system doesn’t produce any legal problem, as it is not violating any law and any other le-
gal or sub judiciary law such as copyright.
Requirement Analysis
Requirement Analysis is the most important software engineering phase. It provides the software developer
with a representation of information and function that can be translated to data, architecture and procedure.
It is the blueprint of the system being developed. On the basis of this design software is developed. It is
based on user requirement.
Problem analysis
In my project main object was to improve the user interface, making it user friendly. During problem analy -
sis, we have listed”
 Manually working and much of paper work.

 Redundancy, lack of integrity and many other problems of manual system.
Problem Evolution
In this I have noted all the requirements of the system as well as the users who are going to use it. I asked
many questions like:
 What are the additional functionalities you want in the system?

 What are the problems you faced in the existing system?
 Do you really need the system?
 What are your expectations from the system?
 Is there anything else you want to specify?
 Is there anyone else who can provide additional information
With the help of this analysis I have tried to bridge the gap between the system design and user expec-
tations.
Design methodology
There are six steps in the design process. The first five steps are usually done on paper and then the fi-
nal design is implemented.
1. Identify the tables and relationships.

2. Identify the data that is needed for each table and relationships.
3. Normalize the database.
4. Resolve the relationships.
5. Verify the design.
6. Implement the design.
Step 1:Identify tables and relationships:
To identify the tables and their relationships to each other
 Define high-level activities.

Identify the general activities that will be used in this database
 To define the tables

For the list of activities identify the subject needed to maintain the information.
 Identify relationships
Look at the activities and determine what will be the relationships between the tables.
 Break down the activities.

High-level activities are examined whether some of them can be broken into lower activities.
Step2: Identify the required data
To identify the required the

 Identify the supporting data
List all the data you need to keep track of the data that describes the table answers the questions who,
what, where and why.
 Identify data for each data

List the appropriate data for each table.
 Identify data for each relationship
Step3: Normalize the data
Normalization is simplifying the relation between data elements in a record. To decrease redundancy.
through the normalization a collection of data in a record structure is replaced by successive record struc -
ture that is simpler and more predictable and more manageable. Normalization can be done upto five lev-
els. But in this project I normalized data upto third level. At this level all the columns of a table are depen-
dant on primary key.
Step 4:resolve the relationship
After the normalization process is finished the design is almost complete. All we need is to resolve the rela-
tionship.
Step5: Verify the Design
Before implementing the design it is needed to make sure that it will support the needs. Examine the activi -
ties identified at the start of the design process and make sure those accesses to all the data the required
activities is available.
 Can a path to get all the needed information to be found?
 Does the design meet the needs?
 Is all the required data available?
Step6: Implement the design
The final step is to implement the design. The tables and the columns containing the data are to be named
and stored in each table. The data type and other information for each column must be specified. During
the design process we need to decide what tables we need and what data we want in each table. Now one
must select column name for each column of data, specify the data type and size for the column and de-
cide whether NULL values allowed and whether it is required to restrict the values in the column of the
database.
Design objective
The next and most important step is to design a system. The system is designed to be user friendly and in-
teractive. It is designed by strictly following the UID (user interface design) concepts .The user can interact
with the system with minimal computer knowledge. For this system should satisfy the following require-
ments.
 Single window service.
 Integrated on-line modules easily customizable to specific requirements with minimum time.
 Site implementation & fine-tuning of software for procedures and facilities controlled by user’s
definable parameters.
 Software options fully menu-driven with popup windows for ease of operations by user’s highly
integrated linkage and auto-posting setup definable by database administrator.
 Flexible for phased installation and integration of modules.
 Incorporation of special features and hot-key button for help.
Administrator
Lead Indent
Administrator
Store Data
User server
User Detail InformationRequest
imformation
user I information
Database
Context Level
Agent Maintenance
user infor mainte-

nance
Caller Detail caller Master
Level-2
Lead Processing
Client
Process server lead User informa-

Lead tion
user Schedule Master
Lead conversation
No response
Lead Disposition uesr Detail
Level-3
Database Design
Table Name: Cmpyinfo.
Description: used to store registration information
ColumnName DataType AllowNulls

Com Varchar(MAX) YAS
Comid Varchar(MAX) YAS
Addr Varchar(MAX) YAS
Cty Varchar(MAX) YAS
Phn Varchar(MAX) YAS
Dnam Varchar(MAX) YAS
Did Varchar(MAX) YAS
Pass Varchar(MAX) YAS
Repass Varchar(MAX) YAS
Gen Varchar(MAX) YAS
Numbr Varchar(MAX) YAS
Mail Varchar(MAX) YAS
Ser Varchar(MAX) YAS
Amout Varchar(MAX) YAS
Dateof Varchar(MAX) YAS
Pay Varchar(MAX) YAS
Table Name: Cominfo.

Description: used to store Company information.

Comnam Varchar(MAX) YAS
Comid Varchar(MAX) YAS
Sid Varchar(MAX) YAS
Secty Varchar(MAX) YAS
Ans Varchar(MAX) YAS
Table Name: Docinfo.
Description. it stores Document Information.

Docid Varchar(MAX) YAS
Doctype Varchar(MAX) YAS
Seldoc Varchar(MAX) YAS
Scty Varchar(MAX) YAS
Docnam Varchar(MAX) YAS
Table Name: Imginfo.
Description: stores the Image Information status
ColumnName DataType Allownull

Cid Varchar(MAX) Yes
Img Varchar(MAX) Yes
Imgid Varchar(MAX) Yes
Sr Varchar(MAX) Yes
Table Name: Srinfo.
Description: BIOS and Process ID Store

Cid Varchar(MAX) Yes
Macad Varchar(MAX) Yes
Boid Varchar(MAX) Yes
Ipid Varchar(MAX) Yes
Table Name: Upinfo

Description:Upload File Information.
ColumnName DataType Allownull

Docid Varchar(MAX) Yes
Docnam Varchar(MAX) Yes
Type Varchar(MAX) Yes
Levl Varchar(MAX) Yes
File Varchar(MAX) Yes
CODING
COMPANY LOGIN PAGE :-
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Data.SqlClient;
namespace WebApplication19
{
public partial class WebForm2 : System.Web.UI.Page
{
Mycon ob = new Mycon();
protected void Page_Load(object sender, EventArgs e)
{
protected void Button8_Click(object sender, EventArgs e)

{
SqlConnection con = ob.conn();
string sqlcmd = "select *from cmpyinfo where comid='" + TextBox2.Text + "' and pass='" + TextBox3.Text + "'";
SqlDataReader dr = ob.getdata(sqlcmd,con);
if (dr.Read())
{
Session["cid"] = TextBox2.Text;
Response.Redirect("WebForm17.aspx");
}
else
{
Label3.Text = "Invalid id or Password";
}
}
protected void TextBox3_TextChanged(object sender, EventArgs e)

{
}
}
}
My profile :-
using System;
using System.Linq;
using System.Web;
{
{
{
string sqlcmd = "select *from cmpyinfo";
DetailsView1.DataSource = dr;
DetailsView1.DataBind();
protected void Menu1_MenuItemClick(object sender, MenuEventArgs e)

{
}
protected void Menu1_MenuItemClick1(object sender, MenuEventArgs e)

{
protected void DetailsView1_PageIndexChanging(object sender, DetailsViewPageEventArgs e)

{
}
}
}
Registration Form :-
using System;
using System.Linq;
using System.Web;
{
{
{

{

{

{

{

{

{
string sqlcmd = "insert into cmpyinfo values('" + TextBox2.Text + "','" + TextBox3.Text + "','" + TextBox4.Text + "','" + TextBox5.Text
+ "','" + TextBox6.Text + "','" + TextBox7.Text + "','" + TextBox8.Text + "','" + TextBox9.Text + "','" + TextBox10.Text + "','" + DropDown-
List1.Text + "','" + TextBox11.Text + "','" + TextBox12.Text + "','" + DropDownList2.Text + "','" + TextBox13.Text + "','" + TextBox14.Text +
"','" + DropDownList3.Text + "')";
ob.putData(sqlcmd,con);
Session["cid"] = TextBox3.Text;
Session["cnam"] = TextBox2.Text;
Response.Redirect("webForm17.aspx");
}
}
}
Add Security Form :-

using System;
using System.Linq;
using System.Web;
{
{
int s =0;
{
TextBox2.Text=Session["cnam"].ToString();
TextBox3.Text = Session["cid"].ToString();
TextBox4.Text = Session["count"].ToString();
}

{
s = int.Parse(TextBox4.Text);
if (s <= 4)
{
string sqlcmd = "insert into cominfo values('" + TextBox2.Text + "','" + TextBox3.Text + "','" + TextBox4.Text + "','" +
TextBox5.Text + "','" + TextBox6.Text + "')";
ob.putData(sqlcmd, con);
TextBox4.Text = "";
TextBox6.Text = "";
Session["count"] = int.Parse(Session["count"].ToString()) + 1;
TextBox4.Text = Session["count"].ToString();
}
else
{
}
}
protected void DropDownList1_SelectedIndexChanged(object sender, EventArgs e)
{
}
}
}
Upload Document :-
using System;
using System.Linq;
using System.Web;
{
{
{
}
protected void Button8_Click1(object sender, EventArgs e)
{
string sqlcmd = "insert into upinfo values('" + TextBox2.Text + "','" + TextBox3.Text + "','" + TextBox4.Text + "','" +
DropDownList1.Text + "','" + Label6.Text + "')";

{
string pa = "", fn = "";

pa = Server.MapPath("./upload/");
fn = FileUpload1.FileName.ToString();
pa = pa + fn;
FileUpload1.PostedFile.SaveAs(pa);
Label6.Text = "~/upload/" + FileUpload1.FileName;
//Image26.ImageUrl = Label6.Text;
}
}
}
Update Form :-
using System;
using System.Linq;
using System.Web;
{
{
{

{
string sqlcmd = "update cmpyinfo set com='" + TextBox2.Text + "',addr='" + TextBox4.Text + "',cty='" + TextBox5.Text + "',phn='" +
TextBox6.Text + "',clnam='" + TextBox7.Text + "',clid='" + TextBox8.Text + "',pass='" + TextBox9.Text + "',repass='" + TextBox10.Text +
"',gen='" + TextBox11.Text + "',numbr='" + TextBox12.Text + "',mail='" + TextBox13.Text + "',ser='" + TextBox14.Text + "',amout='" +
TextBox15.Text + "',dateof='" + TextBox16.Text + "',pay='" + TextBox17.Text + "' where comid='" + TextBox3.Text + "' ";
}

{
string sqlcmd = "select *from cmpyinfo where comid='" + TextBox3.Text + "'";
if (dr.Read())
{
TextBox2.Text = dr.GetString(0);
}
}
}
}
Upload Details :-
using System;
using System.Linq;
using System.Web;
using System.Data;
{
{
{
SqlConnection con = new SqlConnection();
con.ConnectionString=ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
con.Open();
DataSet dst = new DataSet();
SqlDataAdapter dr = new SqlDataAdapter("select *from upinfo", con);
dr.Fill(dst, "upinfo");
DataList1.DataSource=dst.Tables["upinfo"];
DataList1.DataBind();
protected void DataList1_SelectedIndexChanged(object sender, EventArgs e)

{
}
}
}
Security Verification Form :-

using System;
using System.Linq;
using System.Web;
{
{
{
string id = Session["cid"].ToString();
string sqlcmd = "select *from cominfo where comid='" + id + "'";
if (dr.Read())
{
TextBox2.Text = id;
Label3.Text = dr.GetString(3);
}
}

{

{
string id=Session["cid"].ToString();
string sqlcmd = "select *from cominfo where comid='"+id+"' and secty='" + Label3.Text + "' and ans='"+TextBox1.Text+"'";
if (dr.Read())
{
}
else
{
Label4.Text = "Invalid Answer";
}
}
}
}
Upload Security Image :-
using System;
using System.Linq;
using System.Web;
{
{
int s=1;
{
TextBox1.Text = Session["cid"].ToString();
TextBox3.Text=Session["count"].ToString();
}

{
s = int.Parse(TextBox3.Text);
if (s <= 5)
{
string sqlcmd = "insert into imginfo values('"+TextBox1.Text+"','" + Label4.Text + "','" + TextBox2.Text + "','" + TextBox3.Text +
"')";
Label4.Text = "";
TextBox3.Text = "";
Session["count"] = int.Parse(Session["count"].ToString()) + 1;
TextBox3.Text=Session["count"].ToString();
}
else
{
}
}

{
string pa = "", fn = "";
pa = Server.MapPath("./upload/");
fn = FileUpload1.FileName.ToString();
pa = pa + fn;
FileUpload1.PostedFile.SaveAs(pa);
Label4.Text = "~/upload/" + FileUpload1.FileName;
Image27.ImageUrl = Label4.Text;
}
}
}
Image Verification :-
using System;
using System.Linq;
using System.Web;
{
{
{
string sqlcmd = "select *from imginfo where cid='" +id+ "'";
SqlDataReader dr = ob.getdata(sqlcmd, con);
if (dr.Read())
{
TextBox1.Text = id;
Image27.ImageUrl = Label3.Text;
}

{
string sqlcmd = "select *from imginfo where cid='" + id + "'and img='" + Label3.Text + "'";
if (dr.Read())
{
}
else
{
Label4.Text = "Invalid Informission";
}
}
}
}
Device Information Form :-

using System;
using System.Linq;
using System.Web;
using System.Management;
using System.Net.NetworkInformation;
{
{
{
Label5.Text = Session["cid"].ToString();
}

{
string serialNumber = string.Empty;
ManagementObjectSearcher MOS = new ManagementObjectSearcher("select *from Win32_BIOS");
foreach (ManagementObject getserial in MOS.Get())
{
serialNumber=getserial["serialNumber"].ToString();
// serialNumber=getserial|"serialNumber"|.ToString();
}
Label1.Text=serialNumber;
ManagementObjectCollection mbsList = null;

ManagementObjectSearcher mbs = new ManagementObjectSearcher("select *from Win32_processor");
mbsList = mbs.Get();
string id = "";
foreach (ManagementObject mo in mbsList)

{
id = mo["processorID"].ToString();
}
Label2.Text = id;
ManagementObjectSearcher mos = new ManagementObjectSearcher("select *from Win32_BaseBoard");

ManagementObjectCollection moc = mos.Get();
string se = "";
foreach (ManagementObject mo in moc)
{
se = (string)mo["serialNumber"];
}
Label3.Text = se;

string sqlcmd = "insert into srinfo values('" + Label5.Text + "','" + Label2.Text + "','" + Label1.Text + "','" + Label3.Text + "')";
}

{
}
}
}
Security Verification Form :-

using System;
using System.Linq;
using System.Web;
{
{
{
Label13.Text=Session["cid"].ToString();
string sqlcmd = "select *from srinfo where cid='" + Label13.Text + "'";
SqlDataReader dr = ob.getdata(sqlcmd, con);
if (dr.Read())
{
}
}

{
string sqlcmd = "select *from srinfo where cid='" + Label13.Text + "'and macad='" + Label14.Text + "'and boid='" + Label15 + "' and
ipid='" + Label16.Text + "'";
if (dr.Read())
{
Response.Redirect("");
}
else
{
Label17.Text = "This is your Not Permanent Access Device";
}
}
}
SNAPSHOT
COMPANY LO- GIN PAGE
My profile
Registration Form
Add Security Form
Upload Document
Update Form
Upload Details
HOME PAGE
ABOUT PAGE
OUR SERVICES
SECURITY VERIFICA- TION FORM

UPLOAD SECURITY IMAGE
IMAGE VERIFI- CATION

DEVICE INFORMATION FORM
SECURITY VERIFICA- TION FORM

PERSONAL INFORMATION
PLANNING TOOLS
GANTT CHART:
Basic planning uses bar charts that show project activities and the amount of time
they will take. This activity scheduling method was first introduced in 1914 by Henry L.Gantt as a rudimen-
tary aid to plot individual tasks against time. The Gantt chart uses horizontal bars to show the durations of
actions or tasks. The left end marks the beginning of the task, the right end its finish. Earlier tasks appear in
the upper left and later ones in the lower right.
Following figure is a Gantt chart for a boat-building project. The project is
to build a prototype of a new motorboat called Seacraft Yacht. The heavy horizontal bars are activities, and
the light horizontal bars are tasks. Broken horizontal bars are estimated time delays or slack time. A task is
a specific job that can be assigned to one person in a specific time. A group of tasks makes up an activity,
which ends in a milestone.
In planning this project, several steps are undertaken:
1. Identify the activities and tasks in the stage. Each activity must be identified to plan the completion date
and allocate responsibilities among members of the project team. In our example, there are five activities:
a. Design boat
b. Purchase/test engine
c. Make boat
d. Test boat
e. Prepare owner’s manual
2. Determine the tasks for each activity and the estimated completion times. Each activity is broken down
into several tasks. In this example designing the prototype involves three tasks: designing the hull, testing
the hull & designing the interior
3. Determine the total estimated time for each activity.
4. Plot activities ion a Gantt chart .All activities, tasks & milestones are drawn on the Gantt chart, with em-
phasis on simplicity & accuracy.
5. Review and record progress periodically. The actual amount of time spent on each activity is recorded
and compared with the budgeted time. A summary of progress on the project is sent to management for fol-
low up.
Example: - Gantt chart

Time (days)
1/8 1/15 1/22 1/29 2/5 2/12 2/26 3/5 3/12 3/19 3/26 4/2 4/9
Activity Activity/Task
Code
1 Design boat 1 33 101111 1011
1.1 design hull 1011 2
10 5
1.2 test hull 18
1.3 designs interior
10
3
2. Purchase/test engine
7
2.1 purchase engine
50
2.2 test engine
20
3. Make boat 12 30
3.1 assemble mold 10

3.2 pour fiberglass
4. Test
5. Prepare owner’s manual
10
5.1 write draft

7
5.2 copy/edit
1
5.3 print 2
Activity
Task
Slack Time
PROGRAM EVALUATION REVIEW TECHNIQUE (PERT)

Gantt chart has one drawback. They do not show precedence relationships among
the tasks and milestones of a project; that is interdependence of tasks is not evident. The critical tasks or
those that must be done on time are not evident either.
A PERT chart is valuable when a project is being planned. When the network is finished,
the next step is to determine the critical path. It is the longest path through the network. No task on the criti-
cal path can be held up without delaying the start of the next tasks and ultimately, the completion of the
project. The critical path determines the project completion date.
Like the Gantt chart, PERT makes use of tasks. Arrows are used to represent tasks and
circles represent the beginning or completion of a task. The PERT chart uses these paths and events to
show the interrelationships of project activities. Each task is limited by an identifiable event. An event has
no duration; it simply tells you that the activity have a beginning and an ending event. A task can start only
after the tasks it depends on have been completed. PERT does not allow “looping back” because a routine
that goes back to a task has no end.
Figure:
Task Event
In addition to showing the interrelationships among project activities, PERT chart show the
following:
 The activities that must be completed before initiating a specific activity.
 Interdependencies of the tasks.
 Other activities that can be completed while a given activity is in progress.
 The activities that cannot be initiated until after other specific activities are completed. This is called
a precedence relationship.

Example: PERT Chart
Maintenance
11
Coding of
reports
Input form 21
7
Design design 9
2 4
40 120
30
60 60
6 1000
1 3
Begin 70
Coding
Planning Database Testing
Design 110 5 120
8
Output
Form design
Input form 50
coding
70
9
Query
Total time taken (in hrs): 30+40+120+70+120+70+50+21=521

OBJECTIVE OF PERT
1. To provide guideline in planning, scheduling, coordinating and control for the pro-
posed system.
2. To identify the obstacles in the execution of the proposed project and suggesting
measures for taking corrective action.
3. To minimize the time duration of finishing of the proposed project
4. To minimize the cost of proposed project.
5. To divide the project in sub projects and their logical arrangements of sub project.
6. To fully utilize available resources required in proposed project.
TESTING
System testing and implementation is the last phase of any system development life cycle (SDLC). System
testing is aimed at ensuring that the system works accurately and efficiently before live operation com-
mences. The logical design and physical design is thoroughly and continually examined on paper to ensure
that the system works when implemented. Thus the system testing was a confirmation that all is correct
and an opportunity to show the users that the system works.
Testing is the major quality control measure used
during software development. Its basic function is to detect errors in the software. The goal of testing is to
uncover requirement, design and coding errors in the programs. Testing is an extremely critical and time-
consuming activity. It requires proper planning of the overall testing process.
DEFINITION OF TESTING
“The process of analyzing a software item to detest the differences between existing and required
conditions and to evaluate the features of the software items” - IEEE
“The process of analyzing a program with the intent of finding errors”

- Myers
TYPES OF TESTING
There are two approaches to testing: functional and structural. In Func-
tional Testing the structure of the program is not considered. Test cases are decided on the basis of the re-
quirements or specification of the program or module and the internals of the module or the program are
not considered for selection of test cases. Functional testing is often called “Black Box Testing”.
In Structural Testing, test cases are generated based on the actual code of the program or
the module” to be tested. The structural approach is also known as “Glass Box Testing”.
LEVELS OF TESTING
Client Needs Acceptance Testing
Requirements System Testing
Design Integration Testing
Code Unit Testing
Figure: Levels of Testing
Testing was performed in three stages:
1. Unit testing ie.forms (module testing) testing

2. System testing or integration testing
3. Acceptance testing.
Testing of the system was done in according to the quality standard .the minimum requirements of all the
three stages is:
 Load the Smart Dialer application software
 Create the necessary data structures and populate the database with the respective sample.
 Create the necessary User permission.
 All the tests must be conducted in correct sequence.
 Make the transaction data ready.
 Ensure that expected results are available for verification process.
Forms and program testing (unit testing)
The system has been developed according to the requirements of the system. There may be errors in the
software that is known as software errors. So an exhaustive and thorough testing must be conducted to as -
certain whether the system produces right results.
In unit testing each program module was tested as a single program or unit. In unit testing a set of data as
input was given to the module and observed what the output was .In addition the logic and boundary condi-
tions for the input and output was checked. The interface between this module and others were also
checked for correctness. While collecting the input data for testing, program module was kept in mind .so
that the entire condition of the program could be checked. In testing role of users is also very important, as
they are the right person who will use the system. So a wide range of data was collected from the user to
test the program thoroughly.
System testing or integration testing
When each and every program module was tested and found error free, we combined the modules into a
working system. This integration is planned and coordinated. Integration testing is the process of verifying
the components of the system are working together as a system as described in program design and ac -
cording to the system specifications. Integration testing is testing the entire system
Functional testing
Once we were sure that information is passed among the modules according to the design
specifications .we tested the system to assure whether the function describe din the required specification
are actually achieved in integration testing.
Acceptance testing
When the functional testing is complete, we made sure that the system is working according to the user ex -
pectation. Thus finally user did the acceptance testing.
REGRESSION TESTING
Regression testing is required when modification is made on the existing system.
Software is said to be modified when we add one or more modules to it or some of the components (or
modules) deleted from it. The modified software needs to be tested to make sure that it works properly.
Software Maintenance
Maintenance is the enigma of the system development. Maintenance can be classified as corrective, adap-
tive and perfect. Adaptive Maintenance means changing the program function. Perfect maintenance en-
hancing the performance or modifying the program to respond to the user’s additional or changed needs.
Maintenance covers a wide range of activities, including correcting coding and errors, updating, testing data
and upgrading the application according to the user’s need.
Several MIS Organization in order to resolve the problem of software maintenance, have maintenance re-
duction plan. Maintenance reduction plan consists of three phases.
Maintenance Management Audit
Maintenance management audit is done through Interviews and questionnaires. Thus evaluating the quality
of maintenance effort.
Software system Audit
Software system audit covers the overall view of the system documentation. It is an assessment of the
quality of data files and database. Checking the system reliability and efficiency.
Software modification.
Software modification, which consists of rewriting programs, system level updated and reaudit of low rank-
ing programs to make sure it is error free.
Since the smart dialer is for the company sachitel communication Pvt.Ltd. therefore future maintenance will
be carried by the compan
Limitations and drawbacks
Though it was planned, that the system developed will absolutely error free but there certain limitations in
the system. Following may be the drawback of this system.
 Since every time interaction is with the database so the load is more. So the system tends to be bit
slow.
 Though the system is developed as a multi-user system but it is not a real time system.
Conclusion
The project undertaken by me has given a clear idea about the stem starting from conceptualization, design
and development.
Through the prototype CRM project “Smart Dialer” for call center was developed .the system has given me
an opportunity to learn and experience of working on it has given me the confidence. The system is appli-
cable in the real life situation in the organization. Though the system can be expanded and modified more
to make it better. I have also upgraded myself with new technology i.e.. Net. I have experience in Microsoft
technologies (ASP.NET using ,Ms Sql server 2005). Through this live project have learnt ASP.NET using
C#, Also I got the opportunity to have a closer look in call center working.
So, finally this project helped in learning a lot both in terms of technology and as a person, which will be
very helpful for me in future.
References
Books:
Black Book C#.NET
By: Tata McGraw-hill edition
Websites:
http://www.google.com
http://www.microsoft.com
http://www.msdn.com
www.wrox.com
www.osborne.com

Cloud

Uploaded by

Copyright:

Available Formats

Cloud

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cloud

Uploaded by

Copyright:

Available Formats

Table Of Contents

1. Software and Hardware requirements

2. System Analysis and Design

8. Limitations and Drawback

6. Attribute-Based Access Control (ABAC): ABAC is a more flexible access control

8. Continuous Monitoring and Enforcement: Access control policies should be continu-

Benefits of System Based Access Control For Cloud Computing

System-based access control for cloud computing provides:

The salient Features of the Above Mentioned Tools/Platform are as Follows:

While working on this project first step is to design a database.

Database can be divided in two parts:

There are three kinds of database models:

1. Single tier architecture.

Why we are using MS SQL 2005 (RDBMS)?

Introduction to .NET FRAMEWORK

.Net Framework Architecture

The basic architecture of the .Net framework is as shown below.

.Net Framework Architecture Diagram

The CLI has the following key features:

Examples of exceptions are:

Garbage Collection – Garbage collection is the process of removing unwanted re-

Examples of garbage collection are

Working with Various programming languages –

As noted in an earlier section, a developer can develop an application in a variety

Windows Workflow Foundation

Workflow means performing any task in order. It is a set of activities

and the group of activities depicts a complete workflow. Today, each

application is based on workflow approach and involves some processes to

While creating an application, developers are still following the

Figure : Working of Basic Workflow Engine.

Event-driven Programming paradigms

In computer programming, event-driven programming or event-based programming is a programming

Creating event handlers

Binding event handlers

Integrated development environment

 Source code editor

Source code editor

Hardware support for debugging

 AppPuncher Debugger (used to debug Rich Internet Applications)

The objectives of system-based access control for cloud computing are:

 Ensure granular control over access to cloud resources.

 Facilitate centralized management of access policies

 Integrate with identity providers for streamlined authentication

 Enable auditing and compliance with regulatory requirements.

 Adapt to evolving security needs and business requirements.

 Enhance efficiency through automation and scalability.

Features of the system

 Centralized Management: Allows for the centralized administration of access policies

 Scalability: Scales seamlessly to accommodate changes in user populations, resource

 Integration: Integrates with existing identity providers and authentication mechanisms

 Adaptability: Easily adaptable to evolving security requirements, business needs, and

 Compliance: Facilitates compliance with regulatory requirements by enforcing access

 Comprehensive Visibility: System-based access control provides detailed logs of user

 Regulatory Compliance: Automated report generation helps organizations demonstrate

 Efficient Auditing: System-based access control streamlines auditing processes by au-

 Continuous Improvement: Regular analysis of access control reports allows organiza-

 Centralized Management: Simplifies administration and ensures consistent en-

 Scalability: Scales seamlessly to accommodate changes in user populations

 Adaptability: Allows for dynamic adjustment of access policies to address evolv-

Hardware and software requirement specification