A Project Report submitted in partial fulfillment of the requirements for the award of the degree MSc.

(Computer Science) Osmania University By D.Shilpa Roll No.0207509

OSMANIA UNIVERSITY COLLEGE FORWOMEN DEPARTMENT OF COMPUTER SCIENCE KOTI, HYDERABAD APRIL 2008

ACKNOWLEDGEMENT

I thank Almighty God in directing me towards the fruitful culmination of my endeavor. It is my pleasure to express my whole hearted thanks to Mrs. Savita Chary, H.O.D computer science department, Osmania University College for Women for providing the necessary facilities to undergo this project. I reveal my sincere gratitude to the Coordinator B.Shadaksharappa for giving me this opportunity to do this project. I also reveal my gratitude to the project guide Mr.Raghavendra Prasad , for his extreme support and guidance in making out of this project successfully. I express our deep sense of gratitude to Mr.H. Anil. M.C.A ,my project guide at CMTES Informatics ltd. ,for having permitted me to carry out the project work in their institute and for his invaluable guidance and supervision at every stage . I am also thankful to members of the Computer Science Department and my friends who helped me in this project. With pleasure, I thank my parents for their encouragement and blessings to complete this project work.

ORGANIZATION PROFILE

The Computer Management and Technical Educational Society (CMTES) founded by a young entrepreneurs started on a modest footing over 15 years. The society has entered into a tie-up arrangement with the Small Industries Service Institute (SISI), Union Ministry of Industry, Government of India, to provide software development data processing Services and training. The result of extensive research work in Java and Web related technologies, gave it, the impetus to start an exclusive Java And Internet training center, to cater to the ever growing demands of the student and professional communities of Hyderabad. This center was named CMTES INFORMATICS LIMITED Career Education and is a pioneering institute of its kind and in short period established it self as a leader. It has conducted corporate training for companies like Small Industries Service Institute. CMTES INFORMATICS LIMITED has executed a number of web related projects starting from web page design to software products for trading on the net. The Software development wing of CMTES INFORMATICS LIMITED is also currently executing many Projects like Intranet based and University, Advertise agency projects. Some of them include enhanced web based trading. CMTES INFORMATICS LIMITED has a vision to major player in the global market place and has synchronized its expansion plans with the trends in The IT industry.

The company was established since 6 Years concentrating on offshore projects in the area of application development. It is registered with the SOFTWARE

TECHNOLOGY PARKS OF INDIA. It is a 100% Export Oriented unit. It has

become a name synonymous with excellence in Software Development. The result of extensive in house research work in Java and Web related technologies, gave it, the impetus to start an exclusive Java and Internet training center, to cater to the ever growing demands of the Student and professional communities of Hyderabad. ASIA PACIFIC COMPUTER SOLUTION has executed a number of web related projects Starting from web page design to software products for trading on the net. The Software development wing of ASIA PACIFIC COMPUTER SOLUTION is also currently executing many Projects like Internet & Intranet based. Few of the projects were developed for clients in USA & Australia. Some of them include enhanced web based trading. ASIA PACIFIC COMPUTER SOLUTION has a vision to major player in the global market place and has synchronized its expansion plans with the trends in The IT industry. ASIA PACIFIC COMPUTER SOLUTION domain expertise lies in developing and maintaining machine critical systems. The software skills of ASIA PACIFIC COMPUTER SOLUTION engineers include database management systems, operating systems, programming languages and communication interfaces. Few of our prestigious clients include PROFESSIONAL TRANSCRIPTION COMPANY, USA & HORTICULTURAL SKILLS, AUSTRALIA. The high rate of repeat projects and expanding clientele are a testimony of the quality and value that ASIA PACIFIC COMPUTER SOLUTION provides to its customers.

Synopsis
The system deals with security during transmission of data. Commonly used technology is cryptography. This system deals with implementing security-using steganography. In this technology, the end user identifies an image which is going to act as the carrier of data. The data file is also selected and then to achieve greater speed of transmission the data file and image file are compressed and sent. Prior to this the data is embedded into the image and then sent. The image if hacked or interpreted by a third party user will open up in any image previewer but not displaying the data. This protects the data from being invisible and hence be secure during transmission. The user in the receiving end uses another piece of code to retrieve the data from the image. Steganography is the art and science of hiding that communication is happening. Classical steganography systems depend on keeping the encoding system secret, but modern steganography is detectable only if secret information is known, e.g. a secret key. Because of their invasive nature, steganography systems leave detectable traces within a medium's characteristics. This allows an eavesdropper to detect media that has been modified, revealing that secret communication is taking place. Although the secrecy of the information is not degraded, its hidden nature is revealed, defeating the main purpose of Steganography. For JPEG images, Outguess preserves statistics based on frequency counts. As a result, statistical tests based on frequency counts are unable to detect the presence of steganographic content. Before embedding data into an image, Outguess can determine the maximum message size that can be hidden while still being able to maintain statistics based on frequency counts. Outguess uses generic iterators object to select which bits in the data should be modified. A seed can be used to modify the behavior of the iterator. It is embedded in the data along with the rest of the message. By altering the seed, OutGuess tries to find a sequence of bits that minimizes the number of changes in the data that have to be made.

Table Of Contents
1. Introduction 2. Initial Study.... 3. Problem Specification.... 3.1 Problem Definition. 3.2 Software and Hardware Specifications... 3.3 Feasibility..... 4. System Analysis. 4.1 Data Dictionary.. 5. System Design 5.1 Module Description............................................................................ 5.2 Input and Output screens. 6. UML diagrams... 7. System Testing and Implementation.. 7.1 Introduction....................................................................................... 7.2 System Testing.................................................................................. 7.3 System Implementation.. 7.4 Scope of the project 8. Conclusion.. 9. Annexure. 10. Reference...

1. INTRODUCTION
The system deals with security during transmission of data. Commonly used technologies are cryptography. This system deals with implementing security using steganography. In this end user identifies an image which is going to act as the carrier of data. The data file is also selected and then to achieve greater speed of transmission the data file and image file are compressed and sent. Prior to this the data is embedded into the image and then sent. The image if hacked or interpretted by a third party user will open up in any image previewer but not displaying the data. This protects the data from being invisible and hence be secure during transmission. The user in the receiving end uses another piece of code to retrieve the data from the image.

2. INITIAL STUDY

2.1Cryptography
Cryptography is the science of writing in secret code and is an ancient art; the first documented use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian scribe used non-standard hieroglyphs in an inscription. Some experts argue that cryptography appeared spontaneously sometime after writing was invented, with applications ranging from diplomatic missives to war-time battle plans. It is no surprise, then, that new forms of cryptography came soon after the widespread development of computer communications. In data and telecommunications, cryptography is necessary when communicating over any non trusted medium, which includes just about any network, particularly the Internet. Within the context of any application-to-application communication, there are some specific security requirements, including:

Authentication

The process of proving one's identity. (The primary forms of host-to-host authentication on the Internet today are name-based or address-based, both of which are notoriously weak.)

Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver.

Integrity

Assuring the receiver that the received message has not been altered in any way from the original.

Non-repudiation A mechanism to prove that the sender really sent this message.

Cryptography, then, not only protects data from theft or alteration, but can also be used for user authentication. There are, in general, three types of cryptographic schemes typically used to accomplish these goals: secret key (or symmetric) cryptography, public-key (or asymmetric) cryptography, and hash functions, each of which is described below. In all cases, the initial unencrypted data is referred to as plaintext. It is encrypted into cipher text, which will in turn (usually) be decrypted into usable plaintext. In many of the descriptions below, two communicating parties will be referred to as Alice and Bob; this is the common nomenclature in the crypto field and literature to make it easier to identify the communicating parties. If there is a third or fourth party to the communication, they will be referred to as Carol and Dave. Mallory is a malicious party, Eve is an eavesdropper, and Trent is a trusted third party.

TYPES OF CRYPTOGRAPHIC ALGORITHMS There are several ways of classifying cryptographic algorithms. For purposes of this paper, they will be categorized based on the number of keys that are employed for encryption and decryption, and further defined by their application and use. The three types of algorithms that will be discussed are (Figure 1):

Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption Public Key Cryptography (PKC): Uses one key for encryption and another for decryption Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information

2.2Steganography
Steganography or Stego as it is often referred to in the IT community, literally means, Covered writing" which is derived from the Greek language. Steganography is defined by Markus Kahn [5] as follows, "Steganography is the art and science of communicating in a way which hides the existence of the communication. In contrast to Cryptography, where the enemy is allowed to detect, intercept and modify messages without being able to violate certain security premises guaranteed by a cryptosystem, the goal of Steganography is to hide messages inside other harmless messages in a way that does not allow any enemy to even detect that there is a second message present". In a digital world, Steganography and Cryptography are both intended to protect information from unwanted parties. Both Steganography and Cryptography are excellent means by which to accomplish this but neither technology alone is perfect and both can be broken. It is for this reason that most experts would suggest using both to add multiple layers of security. Steganography can be used in a large amount of data formats in the digital world of today. The most popular data formats used are .bmp, .doc, .gif, .jpeg, .mp3, .txt and .wav. Mainly because of their popularity on the Internet and the ease of use of the steganographic tools that use these data formats. These formats are also popular because of the relative ease by which redundant or noisy data can be removed from them and replaced with a hidden message.

Steganographic technologies are a very important part of the future of Internet security and privacy on open systems such as the Internet. Steganographic research is primarily driven by the lack of strength in the cryptographic systems on their own and the desire to have complete secrecy in an open-systems environment. Many governments have created laws that either limit the strength of cryptosystems or prohibit them completely. This has been done primarily for fear by law enforcement not to be able to gain intelligence by wiretaps, etc. This unfortunately leaves the majority of the Internet community either with relatively weak and a lot of the times breakable encryption algorithms or none at all. Civil liberties advocates fight this with the argument that these limitations are an assault on privacy. This is where Steganography comes in. Steganography can be used to hide important data inside another file so that only the parties intended to get the message even knows a secret message exists. To add multiple layers of security and to help subside the "crypto versus law" problems previously mentioned, it is a good practice to use Cryptography and Steganography together. As mentioned earlier, neither Cryptography nor Steganography are considered "turnkey solutions" to open systems privacy, but using both technologies together can provide a very acceptable amount of privacy for anyone connecting to and communicating over these systems.

3. PROBLEM SPECIFICATION
3.1 Problem Definition

3.2 Software and Hard ware specifications SOFTWARE REQUIREMENT

Operating System Language Development Kit : : : 32 bit or Higher Java, JDK JDK 1.3

HARDWARE SPECIFICATIONS
Processor Name : Pentium-III

Processor Speed Ram Hard Disk Capacity Operating System Floppy Disk CD Drive Display Type Keyboard Type Mouse Type

: : : : : : : : :

677 MHZ 256 MB 20 GB Windows 2000 1.44 MB 52X CD Rom IBM Color Monitor IBM E54 KB9910 IBM Mouse

3.3 Feasibility Analysis

Many feasibility studies are disillusioning for both users and analysts. First, the study often presupposes that when the feasibility document is being prepared, the analyst is in a position to evaluate solutions. Second, most studies tend to overlook the confusion inherent in system development-the constraints and the assumed attitudes. If the feasibility study is to serve as a decision document, it must answer three key questions 1) Is there a new and better way to do the job that will benefit the user?

2) What are the costs and savings of the alternatives? 3) What is recommended?

The most successful system projects are not necessarily the biggest or most visible in a business but rather those that truly meet user expectations. More projects fail because of inflated expectations than for any other reason. Three key considerations are involved in the feasibility analysis economic, technical, and behavioral. Lets briefly review each consideration and how it relates to the systems effort.

3.3.1 Economical feasibility

Economic analysis is the most frequently used method for evaluating the effectiveness of a candidate system. More commonly known as cost/benefit analysis, the procedure is to determine the benefits and savings that are expected from a candidate system and compare them with costs. If benefits outweigh costs, then the decision is made to design and implement the system. Otherwise, further justification or alterations in the proposed system will have to be made if it is to have a chance of being approved. This is an ongoing effort that improves in accuracy at each phase of the system life cycle.

3.3.2 Technical feasibility Technical feasibility centers on the existing computer system (hardware, Software, etc.) and to what extent it can support the proposed addition. For example, if the current computer is operating at 80 percent capacity-an arbitrary ceiling-then running another application could overload the system or require additional hardware. This involves financial considerations to accommodate technical enhancements. If the budget is a serious constraint, then the project is judged not feasible.

2.3.3 Operational feasibility

Purpose projects are beneficial only if they can be turned into information systems that will meet the organizations operating systems. Some of the conditions are a) Is there sufficient support for the project from management and users? b) Are correct business methods acceptable to the users? c) Have the users been involved in the planning and development of the project. d) Will the proposed system cause harm?

4. SYSTEM ANALYSIS

The analysis of the existing system has to be carried to learn the details of the existing system. System analysis is the process of gathering and interpreting facts, diagnosing problems and using the information to recommend improvements to the system. Only after the systems analysis we can begin to determine how and where a computer information system can benefit all the users of the system. This accumulation of the system called a systems study.

EXISTING SYSTEM

In todays dynamic and information rich environment, information systems have become vital for any organization to survive. With the increase in the dependence of the organization on the information system, there exists an opportunity for the competitive organizations and disruptive forces to gain access to other organizations information system. This hostile environment makes information systems security issues critical to an organization. Current information security literature either focuses on anecdotal information by describing the information security attacks taking place in the world or it comprises of the technical literature describing the types of security threats and the possible security systems.

In order to secure the transmission of data, Cryptography has to be implemented. Cryptography is the science of devising methods that allow information to be sent in a secure form in such a way that the only person able to retrieve this information is intended recipient.

The basic principle is this

A message being sent is known as plaintext. The message is then coded using a cryptographic algorithm. This process is called encryption, an encrypted message is known as cipher text, and is turned back into plaintext by the process of decryption. Encryption can be done using symmetric or asymmetric algorithms. In symmetric algorithms only one key is used both to encrypt and decrypt the message. In asymmetric algorithms, a key used to encrypt a message is different from the key that is used to decrypt the message. There are several algorithms present in the market for Cryptography. Some of the commonly used once are IdeaA, RSA and Glowfish that1 involves asymmetric or symmetric methods and also involves private and public keys.

PROPOSED SYSTEM

The algorithms present in the existing system was some what complicated. In Cryptography, the meaning of data has been changed. So, it makes intention to the hacker to hack or destroy the data. In our proposed system, we implement a new technology called Stegnography for Network security. It not only change the meaning of data but also hides the presence of data from the hackers.

STEGANOGRAPHY
Stegnography is not actually a method of encrypting messages, but hiding them within something else to enable them to pass undetected. Traditionally this was achieved with invisible ink, microfilm or taking the first letter from each word of a message. This is now achieved by hiding the message within a graphics or sound file. For instance in a 256-greyscale image, if the least significant bit of each byte is replaced with a bit from the message then the result will be indistinguishable to the human eye. An eavesdropper will not even realize a message is being sent. This is not cryptography however, and although it would fool a human, a computer would be able to detect this very quickly and reproduce the original message. In the case of using this technique of hiding the data with an image file, the visibility of the image, resolution or clarity is not being affected. The hidden data can be of length in size. To the Hacker, only the image is make going to be visible when previewed and not a trace of the hidden data. If the image file is opened across a text editor, then also the data is not going to be visible as the information is stored in an encryption form, which is also binary. Hence making it difficult for the enclosure to differentiate the data to the image file.

4.1 Data Dictionary

STEGANOGRAPHY

The word Steganography literally means covered writing as derived from Greek and includes a vast array of methods of secret communications that conceal the very existence of the message. THE `PERCEPTION MANAGERS' and their `patriotic' paparazzi of the West seem to have shifted gears from singing paeans of technology to sowing suspicions about its possible misuse by the Al Queada, Taliban and their ilk! The word `Steganography' should henceforth be bandied about more for its sinister implications on the security of the civilised world. In June this year, USA Today reported that the encrypted blueprints of the next terrorist attack on the U.S. and its allies may lie hidden behind the X-rated pictures on several pornographic web sites and the posted comments on sports chat rooms. A snake makes itself invisible in a bed of grass by natural subterfuge. For all visible signs one sees just a stretch of grass but not the snake hiding beneath. The word Steganography literally means covered writing as derived from Greek. It includes a vast array of methods of secret communications that conceal the very existence of the message. Invisible inks, microdots, character arrangement, digital signatures, covert channels and spread-spectrum communications and other artifacts of day-to-day use in communications have thus been converted into potent tools of Steganography. As with other simple and casual things, Internet and the web have added to the might of such simple procedures. Bits and bytes have provided a powerful medium for the exchange such masqueraded messages in an unlimited and anonymous environment. Software like White Noise Storm and S-Tools, can use the `least significant' bits of any digitised file to hold covert information, without changing it in any manner perceptible to the human sensory organs of sight or hearing as the case may be. So far paranoid privacy advocates have touted Steganography, albeit openly for communication without the powers that be breathing down your shoulders. It has been quite common to hide copyright messages behind digitised files so that it may be used in civil disputes. Software professionals found another tool in Steganography apart from `Easter Eggs' to record their contributions to a software product, when they were afraid that their employers might not give them title credits.

PROTECTION With Steganography `Stego Analysis' is the natural offshoot. Stego Analysis provides means to detect and destroy steganographic messages. Any image can be manipulated with the intent of destroying some hidden information whether an embedded message exists or not. However, they suggest that detection should precede destruction to target such hidden messages, which are not just innocuous copyright or ownership related info (known as `digital watermarks'). Detection may also save wasted effortSteganography and cryptography Steganography is different from cryptography. Cryptography uses encryption to change the contents of digitised files using some known algorithm into something totally different. The same algorithm can be used to restore it to its original form. Steganography does not alter the message in any way. It simply hides it. To make detection almost impossible, encrypted messages can be hidden using Steganography.

Example- Dead drops `Dead drop' is a Cold War-era slang connoting a place where spies left information. Cops and security experts feel that the Internet provides virtually limitless supply of `dead drops'. Officials and experts say the messages scrambled using free encryption programs set up by groups that advocate privacy on the Internet are hidden in an existing images on selected web sites. The e-mails and images can only be decrypted using a `private key' or code, selected by the recipient. Thus you very well could have a photograph and image with the time and information of an attack, say on an International airport, sitting on your computer, and you would never know it! Unlike the good old `dead drop' the Internet, is proving to be a much more secure way to conduct clandestine warfare.

BMP IMAGE FILE

INTRODUCTION

BMP files are an historic (but still commonly used) file format for the historic (but still commonly used) operating system called "Windows". BMP images can range from black and white (1 byte per pixel) up to 24 bit color (16.7 million colors). While the images can be compressed, this is rarely used in practice and won't be discussed in detail here. STRUCTURE A BMP file consists of either 3 or 4 parts as shown in the diagram on the right. The first part is a header, an information section follows this, if the image is indexed color then the palette follows, and last of all is the pixel data. The position of the image data with respect to the start of the file is contained in the header. Information such as the image width and height, the type of compression, the number of colors is contained in the information header. HEADER The header consists of the following fields. Note that we are assuming short int of 2 bytes, int of 4 bytes, and long int of 8 bytes. Further we are assuming byte ordering as for typical (Intel) machines. The header is 14 bytes in length. The useful fields in this structure are the type field (should be 'BM') which is a simple check that this is likely to be a legitimate BMP file, and the offset field which gives the number of bytes before the actual pixel data (this is relative to the start of the file). Note that this struct is not a multiple of 4 bytes for those machines/compilers that might assume this, these machines will generally pad this struct by 2 bytes to 16 which will unalign the future fread() calls - be warned. INFORMATION The image info data that follows is 40 bytes in length, it is described in the struct given below. The fields of most interest below are the image width and height, the number of bits per pixel (should be 1, 4, 8 or 24), the number of planes (assumed to be 1 here), and the compression type (assumed to be 0 here).

24 BIT IMAGE DATA

The simplest data to read is 24 bit true color images. In this case the image data follows immediately after the information header, that is, there is no color palette. It consists of three bytes per pixel in b,g,r order. Each byte gives the saturation for that color component, 0 for black and 1 for white (fully saturated). INDEXED COLOR DATA If the image is indexed color then immediately after the information header there will be a table of infoheader.ncolors colors,each of 4 bytes. The first three bytes correspond to b,g,r components, the last byte is reserved/unused but could obviously represent the alpha channel. For 8 bit greyscale images this colour index will generally just be a greys cale ramp.

JPEG - Joint Photographic Experts Group

This is the right format for those photo images which must be very small files, for example, for web sites or for email. The JPG file is wonderfully small, often compressed by 90%, or to only 1/10 of the size of the original data, which is very good when modems are involved. However, this fantastic compression efficiency comes with a high price. JPG uses lossy compression (lossy meaning "with losses"). Lossy means that some image quality is lost when the JPG data is compressed and saved, and this quality can never be recovered. Most other file compression methods are lossless, which means "fully recoverable". Lossless compression always returns the original data, bit-for-bit identical without any question about differences (losses). We are used to saving data to a file, and getting it all back when we next open that file. Our Word and Excel documents, our Quicken data, any data at all, we cannot imagine NOT getting back exactly the original data. TIF, PNG, GIF, BMP and most other image file formats are lossless too. This integrity requirement does limit efficiency, limiting compression of photo image data to maybe only 10% to 40% reduction in practice (graphics can be smaller). But most compression methods have full lossless recoverability as the first requirement. JPG files don't work that way. JPG is an exception. JPG compression is not lossless. JPG compression is lossy. Lossy means "with losses" to image quality. JPG compression has very high efficiency (relatively tiny files) because it is

intentionally designed to be lossy, designed to give very small files without the requirement for full recoverability. JPG modifies the image pixel data (color values) to be more convenient for its compression method. Detail that doesn't compress well can be ignored (removed instead of retained). This allows amazing size reductions on the remainder, but when we open the file and expand the data to access it again, it is no longer the same data as before. This lost data is like lost purity or integrity. It can vary in degree, it can be fairly good, but it is always unrecoverable corruption of the data. This makes JPG be quite different from all the other usual file format choices. There are times and places this compromise is an advantage. Web pages and email files need to be very small, to be fast through the modem, and some uses may not need maximum quality. In some cases, we are willing to compromise quality for size, sacrificing for the better good. And this is the purpose of JPG. There is no magic answer providing both high compression and high quality. We don't get something for nothing, and the small size has a cost in quality. Still, mild quality losses may sometimes be acceptable for less critical purposes. The sample JPG images on next page show the kind of problem to expect from excessive compression. Even worse, more quality is lost every time the JPG file is compressed and saved again, so ever editing a JPG image is a questionable decision. You should instead just discard the old JPG file and start over from your archived lossless TIF master, and save that change as the new JPG copy you need.

5. SYSTEM DESIGN UML (Unified Modeling Language)

It is a language to specifying, visualizing and constructing the artifacts of software system as well as for business models. GRADY BOOCH, IVAR JACCOBSON and JAMES RUMBUGH found it. The UML notation is useful for graphically depicting Object Oriented Analysis and Object Oriented Design (OOA and OOD) modules. The unified modeling language is a standard language for specifying, Visualizing, Constructing and documenting the software system and its components. It is a graphical language that provides a vocabulary and set of semantics and rules. The UML focuses on the conceptual and physical representation of the system. It captures the decisions and understandings about systems that must be constructed. It is used to understand, design, configure, maintain and control information about the systems.

Visualizing: Through UML we see or visualize an existing system and ultimately we visualize how the system is going to be after implementation. Unless we think we cannot implement. UML helps to visualize how the components of the system communicate and interact with each other.

Specifying
Specifying means building models that are precise, unambiguous and complete UML addresses the specification of all the important Analysis Design,

Implementation decisions that must be made in developing and deploying a software system.

Constructing
UMLs models can be directly connected to a variety of programming language through mapping a model from UML to a programming language like Java or C++ or VB. Forward Engineering and Reverse Engineering is possible through UML.

Documenting
The deliverables of a project apart from coding are some artifacts which are critical in controlling, measuring and communicating about a system during its development viz. Requirements, Architecture, Design, Source code, Project plans, Tests, Prototypes, Releases etc.

Diagrams in UML
Diagrams are graphical presentation of set of elements. Diagrams project a system, or visualize a system from different angles and perspectives. The UML has nine diagrams these diagrams can be classified into the following groups.

Static- Class diagrams. Object diagrams. Component diagrams. Deployment diagrams

Dynamic
Use case diagram. Sequence diagram. Collaboration diagram. State chart diagram. Activity diagram.

Static or structural diagrams

Class diagram This shows a set of classes, interfaces, collaborations and their relationships. There are the most common diagrams in modeling the object oriented systems and are used to give the static view of a system.

Object diagram Shows a set of objects and their relationships and are used to show the data structures, the static snapshots of instances of the elements in a class diagram. Like class diagram, the object diagrams also address the static design view or process view of a system. Component diagram Shows a set of components and their relationships and are used to illustrate the static implementation view of a system. They are related to class diagrams where in components map to one or more classes, interfaces of collaborations. Deployment diagram

Shows a set of nodes and their relationships. They are used to show the static deployment view of the architecture of a system. They are related to the component diagrams where a node encloses one or more components.

Dynamic or behavioral diagrams

Use Case diagram Shows a set of use cases and actors and their relationships. These diagrams illustrate the static use case view of a system and are important in organizing and modeling the behaviors of a system.

Sequence diagram & collaboration diagram These two diagrams are semantically same i.e. the dynamics of a system can be modeled using one diagram and transform it to the other kind of diagram without loss of information. Both form the, Interaction diagram. Sequence diagram Sequence diagram is an interaction diagram which focuses on the time ordering of messages it shows a set of objects and messages exchange between these objects. This diagram illustrates the dynamic view of a system. Collaboration diagram This diagram is an interaction diagram that stresses or emphasizes the structural organization of the objects that send and receive

messages. It shows a set of objects, links between objects and messages send and received by those objects. There are used to illustrate the dynamic vies of a system. Activity Diagrams Activity diagram shows the flow from one activity to another within a system. The activities may be sequential or branching objects that act and are acted upon. These also show the dynamic view of the system.

Use case Diagram of Data Security and Authentication

Sender Use case Here the sender to send a secured data to the receiver has a specific flow to follow. 1. Login to the system. 2. Hide the compressed file in a container. Receiver Use case Here once the data is received, the receiver needs to follow certain flow to read the data. 1. Login to the system. 2. The data needs to be separated from the container.

Use case Diagram of Steganography

User/User1 embeds the compressed file to be sent into the container on the sender side and de embeds of the compressed file that has been received from the container on the receiver side.

Class Diagram for Data Security and Authentication

The class diagram follows the top-down approach. Here the DSA is the parent class The Login class is the child class of the DSA class. The Embedding and De embedding classes are also the child classes of DSA class.

Sequence Diagram for Login

In this figure the User is the actor, the DSA is the interface and the login is the classifier. The above sequence diagram shows the process of login into the system.

Sequence Diagram for Embedding

In this figure the User is the actor, the DSA is the interface and Embed is the classifier. The above sequence diagram shows the process of how the sender/user embeds the text file into the image file.

Sequence Diagram for De embedding

In this figure the User is the actor, the DSA is the interface and De Embed is the classifier. The above sequence diagram shows the process of how the receiver/user de embeds the text file from the image file.

Activity Diagram for Login

This activity diagram shows the flow of the user login and the state transactions of the data security.

Activity Diagram For Embed

This activity diagram shows how the sender embeds compressed file into an image file that has to be sent.

Activity Diagram For De embed

This activity diagram shows how the receiver de embeds and embedded file to extract the text file from the image file that has been sent.

Activity Diagram for Help

This activity diagram shows the help information for the implementation of this system.

Usecase Diagram For Data Security:

Usecase diagram for Embed:

Usecase diagram for De-embed:

Usecase diagram for both Embed and De-embed:

SOFTWARE DESCRIPTION
This project is developed in Java under Windows 98 platform. In this modern world of computers, every noun in our vocabulary represents a class of objects sharing some set of characteristics and functional traits. Java leads itself naturally in embodying these areas into its own application domain. It has evolved a fantastic ability to generalize, classify and generate abstractions.

The essential aspects included in object-oriented approach

Identity. Classification. Polymorphism. Inheritance. Identity

Identity means that data is qualified into desecrate distinguishable entities called object and has its own inherent identity.

Classification
Classification means that object with same data structure and behavior are grouped into a class. A class is an abstract that describes the properties important to an application and ignores the rest. Each class describes a possibly infinite set of individual objects. Objects contain an implicit reference to its own class it "knows what kind of thing it is".

Polymorphism
Polymorphism means that the same operation may behave differently on different class. An operation is an action or transformation that an object performs or is subject to. A specific function in a class is called a METHOD. The language automatically selects the correct method to implement an operation based on the name of the operation and class the object operated on. New classes can be added without changing executing code provided methods are provided for each applications operation on the new classes.

Inheritance
Inheritance is a sharing attribute and operation among classes based on hierarchical relationship. A class can be defined broadly and refined into successively five sub classes. Each sub class incorporates or inherits at the properties of its super

class and adds its own unique properties. The ability to factor out common properties of several classes into a common super class and inherits the properties from the super class can greatly reduce repetition within designs and program is one of the main advantages of the object oriented analysis.

5.1 Module description

This project contains five modules . They are Graphical User Interface Data Embed and Retrieve Compression and Decompression CRC generation. CRC Verification

Data Embed
This module deals with identifying the data and the image to embed the data into the image before it can be transmitted. This is then followed by compression to increase the rate of transfer of files between the network.. The module opens by prompting the user to identify the file that need to be transmitted across the network. The file is then selected using the GUI interface provided through Java. The module then prompts to identify the image file which needs to house the data file. The developed system will provide support to select and embed data into .bmp & .jpg files. The selected image file is then previewed before it can house the data. The data is then embedded into the image file in such a way that the image file is not corrupted, at the same time the data is secure. The image if hacked or interrupted by a third party can be viewed in any browser without actually displaying the data. The data on the receivers end is isolated and removed from the image. The module deals with identifying the hidden data in the image. The module receives the image file that is decompressed and decompresses it using Radix 64. The decompressed file is then previewed to view the image file. The image file is then browsed to remove the associated data. The data is then removed from the image file.

GUI
This project is developed using graphics in Java language. The options available are displayed in a menu format, like in an online editor. Clicking on any particular menu item through mouse or through keyboard a dropdown menu is displayed, listing all the options available under that menu item and the user can select the needed actions according to their wish.

5.2 Sender Side Screens

Fig 5.2.1-Process Screen

Fig 5.2.2 Login Screen

Fig 5.2.45 Selection of Index on menu bar

Fig 5.2.46 Index Screen

Fig 5.2.47 Selection on page no 1.

Fig 5.2.48 Selection on page no 2.

Fig 5.2.49 Selection on page no 3.

7. System Testing 7.1 Introduction

The software testing process commences once the program is created and the documentation and related data structures are designed. Software testing is essential for correcting errors. Otherwise the program or the project is not said to be complete.

Testing types
The following are the types of testing

Unit testing Integration testing Validation testing System testing

UNIT TESTING Unit testing focuses verification effort on the smallest unit of software design(ie.) the module. Unit testing exercise specific paths in a modules control structure to ensure complete coverage and maximum error detection .This test focus on each module individually , ensure that it functions properly as a unit. Hence, the name is unit testing.

INTEGRATION TESTING Integration testing address the issues associated with the dual problems of verification and program construction. After the software has been integrated a set of High-order tests are conducted. The main objectives in this testing process is to take unit tested modules and build a program structure that has been dictated by design.

The following are the types of Integration Testing 1. Top-Down Integration This method is an incremental approach to the construction of program structure. Modules are integrated by moving downward through the control hierarchy, beginning with the main program module. The module subordinates to the main program module are incorporated into the structure in either a depth first of breadth-first manner. 2. Bottom-Up integration This method begins the construction and testing with the modules at the lowest level in the program structure. Since the modules are integrated from the bottom up, processing required for modules subordinate to a given level is always available and the need for stubs is elimination. The bottom-up integration strategy may be implemented with the following steps

The low-level modules are combined into clusters that perform a specific software sub-function.
A drive (i.e.,), the control program for testing is written to co-ordinate test case input and output. The cluster is tested. Drivers are removed and clusters are combined moving upward in the program structure.

3. Validation Testing
At the end of the Integration Testing, software is completely assembled as a package, interfacing errors have been uncovered and correction testing begin.

Validation Test Criteria

Software testing and validation is achieved trough serried of black box tests that demonstrate conformity with the requirements. A test plan outlines the classes of tests to be conducted and a test procedure defines specific test cases that will be used to demonstrate conformity with requirements. Both, the plan and the procedure are designed to ensure that all functional requirements are achieved, documentation is correct and other requirements are met.

7.2 System Testing

System testing is series of different tests whose primary purpose is to fully exercise the computer based system. Although each test has a different purpose, all the work should verify that all system element have been properly integrated and perform allocated functions.

7.3Implementation
7.3.1GRAPHICAL USER INTERFACE

This project is developed using swings in Java language. The options available are displayed in a menu format, like in an online editor. Clicking on any particular menu item through mouse or through keyboard a dropdown menu is displayed, listing all the options available under that menu item and the user can select the needed actions according to their wish. The Menu Bar consists of the following contents Data Help Exit

Data
This menu consists of the following submenu content. Embed Deem bed

EMBED
This process plays the vital role in the steganography part. Here the package accepts the Image file name and Data file name from the user. The important point to be noted is, the image file must be the JPEG or BMP format, the data file must be in the compressed format (i.e., .CMP extension).

The package embed the compressed Data file with the Image file specified by the user, in such a way that the image will not be distributed after the embed process. The embedding process is graphically simulated with the help of progress bar.

DE EMBED
This process plays an alternate role against the embed. Here the package accepts the Image file name that present in the system. The important point to be noted is, the Image file format must be JPEG or BMP format. The process should checks for the presence of data, if the presence of data is identified, then the process request the path of the destination file (i.e., Data file with .CMP extension) for the retrieval of data from the Image file. Here all the process is graphically simulated with the help of progress bar.

AUTHENTICATE
This is a common utility employed in Network security. Using this utility we can secure any files present in the system. This process contains two important processes. HELP This menu consists of the following submenus

About Topics Index

About

This process gives the copyright information, owner name, version etc.

Topics This process gives the entire help about the package. Here the help can be activated in two ways either by the pressing F1 or specifying the respected page number. To achieve this, verify the index menu for finding the page number of the specified Topics. Index This process gives the entire indexed help about the package.

7.4 Product Scope

Language : Java (Jdk1.4)

This project is developed in Java under Windows 98 platform. In this modern world of computers, every noun in our vocabulary represents a class of objects sharing some set of characteristics and functional traits. Java leads itself naturally in embodying these areas into its own application domain. It has evolved a fantastic ability to generalize, classify and generate abstractions. The essential aspects included in object-oriented approach Identity. Classification. Polymorphism. Inheritance

8. CONCLUSION

The system deals with providing an easy and secures files transmissions across the network. The data is encrypted and embedded with any container file and transmitted through the network. At the receiving end the data is de-embedded , decrypted and displayed. The application can now be used in any organization that uses networks. The type of the network or protocol will not affect the application.

9. REVIEW OF JAVA
9.1 ENVIRONMENT Java was conceived by James Gosling, Patrick Naughton, ChrisWarth, Ed Frank and Mike Sheridan at SUN Micro Systems Incorporation in 1991. It took 18 months to develop the first working version. This language was initially called OAK, but was renamed JAVA in 1995. Before the initial implementation of OAK in 1992 and the public announcement of Java in 1995, many more contributed to the design and evolution of the language.

9.2 OVERVIEW OF JAVA An Object Oriented Programming Language (OOPL) developed at Sun Microsystems. A Virtual Machine Run Time Environment that can be embedded in web browser (IE, NN). Java is a powerful but lean object oriented programming language. It has generated a lot of excitement because it makes it possible to program for Internet by creating applets, programs that can be embedded in web page. The context of an applet is limited only by ones imagination. For example, an applet can be an animation with sound, an interactive game or a ticker tape with constantly updated stock prices. Applets can be serious application like word processor or spreadsheet. But Java is more than a programming language for writing applets. It is being used more and more for writing standalone applications as well. It is becoming so popular that many people believe it will become standard language for both general purpose

and Internet programming. There are many buzzwords associated with Java, but because of its spectacular growth in popularity, a new buzzword has appeared ubiquitous. Indeed, all indications are that it will soon be everywhere.

Java builds on the strength of C++. It has taken the best features of C++ and discarded the more problematic and error prone parts. To this lean core, it has added garbage collection (automatic memory management), multithreading (the capacity for one program to do more than one thing at a time), security capabilities. The result is simple, elegant, powerful and easy to use.

Java is actually a platform consisting of three components Java Programming Language. Java Library of Classes and Interfaces. Java Virtual Machine.

It also has a Standardized set of Packages (Class, Interfaces) Creating Graphical User Interfaces Controlling Multimedia Data Communicating over Network The following sections will say more about these components

FEATURES OF JAVA Java is portable, object oriented, makes to write correct code ,has Garbage collection ,is Simple , it includes a library of classes and interfaces, is extensible, has Security, performs well, is robust, scales well, is multithreaded , is important to the internet.

9.3 JAVA DATA BASE CONNECTIVITY INTRODUCTION Java Database Connectivity (JDBC) is a front-end tool for connecting to a server to ODBC in that respect, However JDBC can connect only Java clients and it uses ODBC for the connectivity. JDBC is essentially a low-level application programming interface. It is called a low-level API since any data manipulation, storage and retrieval has to be done by the program itself. Some tools which provide a higherlevel abstraction or expected shortly.

REQUIREMENTS TO USE JDBC

To use JDBC you need a basic knowledge of database and SQL. Apart from this you need the jdk1.1 (Java Development Kit 1.1) or a version of Java since jdk1.1 and above come bundled with JDBC software. After that you need to have a back-end database engine for which a JDBC driver is available. When JDBC drivers are not available JDBC-ODBC bridge drivers are used to access the database through ODBC. Back-end is not need when JDBC driver is capable of storing and retrieving the data itself, or if JDBC-ODBC bridge and the ODBC driver can be store and retrieve the information.

JDBC OVERVIEW: JDBC is a Java API for executing SQL statements. (JDBC is a trademarked name and is not an acronym; nevertheless, JDBC is often thought of as understanding

for "Java Database Connectivity".) It consists of a set of classes and interfaces written in the Java programming language. JDBC provides a standard API for tool/database developers and makes it possible to write database applications using a pure Java API. Using JDBC, it is easy to send SQL statements to virtually any relational database. In other words, with the JDBC API, it is not necessary to write one program to access a Sybase database, another program to access a Oracle database, another program to access a Informix database, and so on.. One can write a single program using the JDBC API, and the program will be able to send SQL statements to the appropriate database. And with in an application written in Java programming language, one also doesn't have to worry about writing different applications to run on different platforms. The combination of Java and JDBC lets a programmer to write it once run it anywhere. Java, being robust, secure, easy to understand, and automatically downloaded on a network, is an excellent language basis for database applications. What is needed is a way for Java applications to walk to a variety of different databases. JDBC is the mechanism for doing this. JDBC extends the concepts, which can be done in Java. For example, with Java and JDBC API, it is possible to publish a web page containing an applet that uses information obtained from a remote database or an enterprise can use JDBC to connect all this employees (even if they are using conglomeration of Windows, Macintosh, and Unix machines) to one or more internal databases via an Internet. With more and more programmers using the Java programming language, the need for easy database access from Java is continuing to grow. MIS managers like the combination of Java and JDBC because it makes disseminating information easy and economical. Businesses can continue to use their installed databases and access information easily even of it is stored on different database management systems. Development time for new applications is short. Installation and version controls are greatly simplified. A programmer can write an application or an update once, put it on the server, and everybody has access to the

latest version. And for business selling information services, Java and JDBC offer a better way of getting out information updates to external customers. WHAT DOES JDBC DO? Simply put, JDBC makes it possible to do three things: 1. Establish a connection with the database 2. Send SQL statements 3. Process the results The following code fragment gives a basic example of these three steps: Connection con = DriverManeger.getConnection (Jdbc:odbc:omega, login, password);

USING JDBC INSTEAD OF CGI: Until now, the only way to access a database through Java has been to use streams in Java to call and access Common Gateway Interface (CGI) programs. Calling a CGI script from Java lets you call a separate program that accesses the database and returns results. Using this approach is slow and lets more bugs creep into applications. Developing into two different development languages requires the knowledge of two technologies. When we use JDBC we need to know only the Java language, whereas when we use CGI we must use Java and another language. Another reason to use JDBC is that it is noticeably faster than CGI approach. Using CGI usually requires that you call another program that must be executed by the computer. This separate program then accesses the database and processes the data, returning it to the calling program in a stream. This requires multiple levels of processing, which in turn increases wait time as well s enables more bugs to appear. The following figure displays how CGI program is executed.

Java Applicatio

Web Server

CGI Scri

Database

Fig. Calling a CGI script. Whereas calling a CGI script involves actually executing a new script, usually through a web server, executing a JDBC statement against the database requires only some sort of server that passes the SQL commands through the database. This speeds up dramatically the time it takes to execute SQL statements. Whereas the CGI script must actually connect to the database and process the results, the JDBC solution lets your Java application have the connection to the database so that thew application can perform all of the processing. The following figure displays how a JDBC statement is executed.

JAVA
Ja ApJAplication

JDBC JDBC Server

Fig. Executing a JDBC statement

DATABASE Database

JDBC IS A LOW-LEVEL API AND A BASE FOR HIGER-LEVEL APIs JDBC is a low-level interface, which means that it is used to invoke (or call) SQL commands directly. It works very well in this capacity and is easier to use than other database connectivity. JDBC APIs were also designed to be a base upon which to build higher-level interfaces and tools. A higher-level interface is userfriendly, using a more understandable or more convenient API that is translated behind the scenes into a low-level interface such as JDBC. At present, two kinds of higher-level APIs are under development on top of JDBC: An embedded SQL for Java: At least one vendor plans to build this. DBMS implement SQL, a language designed specifically for use with databases. JDBC requires that SQL statements be passed as strings to Java methods. An embedded SQL

processor allows a programmer to instead mix SQL statements directly with Java: for ex: a Java variable can be SQL statement to receive or provide SQL mix into Java with JDBC calls. A direct mapping of a relational database tables to Java classes: JavaSoft and others have announced plans to implement this. In this object/relational mapping, each row of the table becomes an instance of that class, and each column value corresponds to an attribute of that instance. Programmers can then operate directly on Java objects; the required SQL calls to fetch and store data are automatically generated beneath the covers. More sophisticated mappings are also provided, for example, where rows of multiple tables are combined into Java class. 2.1 As interest in JDBC has grown, more developers have been working in JDBC based tools to make building programs easier, as well. Programmers have also been writing applications that make accessing a database easier for the end-user. For e.g., an application might present a menu of database tasks from which to choose. After a task is selected, the application presents prompts and blanks for filling in information needed to carry out the selected task. With the required input typed in, the application then automatically invokes the necessary SQL command. With the help of such an application, users can perform database tasks even when they have little or no knowledge of SQL syntax. JDBC Vs ODBC AND OTHER APIs: At this point, Microsofts ODBC (Open Database Connectivity) API is the most widely used programming interface for accessing relational databases. It offers the ability to connect to almost all databases on almost all platforms. So why not use ODBC form Java? The answer is that you can use ODBC from Java, but this is best done with the help of JDBC in the form of the JDBC-ODBC Bridge. The question now becomes Why do you need JDBC? There are several answers to this question:

ODBC is not appropriate for direct use from Java, because it uses a C interface. Calls from Java to native C-code have a number of drawbacks in the security, implementation robustness and automatic probability of applications. A literal translation of the ODBC C API into a Java API would not be desirable. For e.g., Java has no pointers, and ODBC makes copious use of them, including the notoriously error-prone generic pointer void *. You can think of JDBC ac ODBC translated into an object-oriented interface that is natural for Java programmers. ODBC is hard to learn. It mixes simple and advanced features together, and it has complex options even for simple queries. JDBC, on the other hand was designed to keep simple things simple while allowing more advanced capabilities where required. A Java API like JDBC is needed in order to enable a pure Java solution. When ODBC is used, the ODBC driver manager and drivers must be manually installed on every client machine. When the JDBC driver is written completely in Java, however, JDBC code is automatically installable, portable, and secure on all Java platforms from network computers to mainframes. In summary, the JDBC API is a natural Java interface to the basic SQL abstractions and concepts. It builds on ODBC rather than starting from scratch, so programmers familiar with ODBC will find it very easy to learn JDBC. JDBC returns the basic design features of ODBC; in fact both interfaces are based on the (X/Open SQL CLI (Call Level Interface). The big difference is that JDBC builds on end reinforces the style and virtues of Java, and, of course it is easy to use. More recently, Microsoft has introduced new APIs beyond ODBC: RDO, ADO, and OLE dB. These designs move in the same direction as JDBC in many ways, that is, in being an object-oriented database interface based on classes that can be implemented on ODBC. However, there is no compelling functionality in any of these interfaces to make them an alternative basis to ODBC, especially with ODBC driver market well established. Mostly they represent a thin veneer on ODBC. This is not to say that JDBC does not need to evolve from the initial release; however, the general feeling is that most new functionality belongs in higher-level APIs such as the object/relational mappings and embedded SQL mentioned in the previous section.

Single Tier In a single tier the server and client are the same in the sense that a client program that needs information (client) and the source of this type of architecture is also possible in java, in case flat files are used to store the data. However this is useful only in case of small applications. The advantage with this is the simplicity and portability of the application developed.

Server and client

Database

Fig: Single-tier Architecture

TWO-TIER AND THREE-TIER MODELS: The JDBC API supports both two-tier and three-tier models for database access. In the two-tier model, A Java applet or application talks directly to the database. This requires a JDBC driver that can communicate with the particular database management system being accessed. A users SQL statements are delivered to the database, and the results of those statements are sent back to the user. The database may be located on another machine to which the user is connected via a network. This is referred to as a client/server configuration, with the users machine as the client, and the machine housing the database as the server. The network can be the

Intranet, which, for example, connects employees within a corporation, or it can be the Internet.

Server

Client

Data base Client

Fig. Two-tier Architecture In the three-tier models, commands are send to a "middle-tier" of services, which then send SQL statements to the database. The database process the SQL statements and then send the results back to the middle tier, which then sends them to the user. MIS directors find the three-tier model very attractive because the middle tier makes it possible to maintain control over access and the kinds of updates that can be made to corporate data. Until now the middle tier has typically been written in languages such as C or C++, which offers fast performance. However, with the introduction of optimizing compilers that translate Java BYTECODE into efficient machine-specific code, it is becoming practical to implement the middle tier in Java. This is a big plus, making it

possible to take advantage of Java's robustness, multithreading, and security features. JDBC is important to allow database access from Java middle tier.

DATABASE MODELS JDBC and accessing the database through applets, and JDBC API via an intermediate server resulted in a new type of database model which is different from the clientservers through which the request should go it is named as single tier, two tier and multi tier architecture.

JDBC DRIVER TYPES The JDBC drivers that we are aware of at this time fit into one of four categories

JDBC-ODBC bridge plus ODBC driver

The Java Soft bridge product provides JDBC access via ODBC drivers. Note that ODBC binary code and in many cases database client code must be loaded on each client machine that uses this driver. As a result, this kind of driver is most appropriate on a corporate network where client installations are not a major problem, or for application server code written in Java in a three-tier architecture. Native-API partly-Java driver This kind of driver converts JDBC calls into calls on the client API for Oracle, Sybase, Informix, DB2, or other DBMS. Note that, like the bridge driver, this style of driver requires that some binary code be loaded on each client machine. JDBC-Net all-Java driver This driver translates JDBC calls into a DBMS-independent net protocol that is then translated to a DBMS protocol by server. This net server middle ware is able to connect its all-Java clients to many different databases. The specific protocol used depends on the vendor. In general, this is the most flexible JDBC alternative. It is likely that all vendors of this solution will

provide products suitable for Internet use. In order for these products to also support Internet access, they must handle the additional requirements for security, access through firewalls, etc., that the Web imposes. Several vendors are adding JDBC drivers to their existing database middle ware products. Native-protocol all-Java driver This kind of driver converts JDBC calls into the network protocol used by DBMS directly. This allows a direct call from the client machine to the DBMS server and is a practical solution for Internet access. 3.5

MICROSOFT ACCESS
INTRODUCTION Access is a database management system. Databases are an important part of everyday use. We use them anywhere we use computers, at home, and in the fields of medicine, education, law, business, engineering and government. A database is a collection of data and facts that are related to a particular object or purpose, such as tracking customer orders or maintaining a music collection. If your database is not stored on a computer, or only parts of it are on the computer, you may be tracking information from a variety of sources that you have to coordinate and organize yourself. In Access, the heart of the database is the Table. One or more tables comprise a database. In addition to tables, a database can contain other objects such as queries, reports, forms and other components. These objects allow you to view and manipulate the data contained in the database in variety of ways. Database Objects Table Description The primary units of a database that stores field names, field description, field controls and field data. Tables display multiple Query records in a row/column format similar to a spreadsheet layout. A structured guideline used to search database tables and retrieve records that meet specific conditions.

DATABASE DESIGN PROCESS

Although there is no one correct way to create a database, there are some general steps that some professional systems developers follow. These steps generally reflect what is known as the Systems Development Life Cycle (SDLC). The SDLC breaks the task of creating a system into stages. A variety of techniques can be employed to answer these questions. One of the best ways is to involve the future end-users of the database. A database, however, may have hundreds or even thousands of users. However, if the database is very large, you might have to consult representatives of various user groups, such as a database design committee.

APPLETS
An applet is a special kind of Java program that a browser enabled with Java technology can download from the internet and run. An applet is typically embedded inside a web-page and runs in the context of the browser. An applet must be a subclass of the java.applet.Applet class, which provides the standard interface between the applet and the browser environment. Swing provides a special subclass of Applet, called javax.swing.JApplet, which should be used for all applets that use Swing components to construct their GUIs. By calling certain methods, a browser manages an applet life cycle, if an applet is loaded in a web page. Life Cycle of an Applet Basically, there are four methods in the Applet class on which any applet is built. Init

This method is intended for whatever initialization is needed for your applet. It is called after the param attributes of the applet tag. Start This method is automatically called after init method. It is also called whenever user returns to the page containing the applet after visiting other pages. Stop This method is automatically called whenever the user moves away from the page containing applets. You can use this method to stop an animation. Destroy This method is only called when the browser shuts down normally. Thus, the applet can be initialized once and only once, started and stopped one or more times in its life, and destroyed once and only once.

Swing
To create a Java program with a graphical user interface (GUI), you'll want to learn about Swing. The Swing toolkit includes a rich set of components for building GUIs and adding interactivity to Java applications. Swing includes all the components you would expect from a modern toolkit like table controls, list controls, tree controls, buttons, and labels. Swing is far from a simple component toolkit, however. It includes rich undo support, a highly customizable text package, integrated internationalization and accessibility support. To truly leverage the cross-platform capabilities of the Java platform, Swing supports numerous look and feels, including the ability to create your own look and feel. The ability to create a custom look and feel is made easier with Synth, a look and feel specifically designed to be customized. Swing wouldn't be a component toolkit without the basic user interface primitives such as drag and drop, event handling, customizable painting, and window management. Swing is part of the Java Foundation Classes (JFC). The JFC also include other features important to a GUI program, such as the ability to add rich graphics functionality and the ability to create a program that can work in different languages and by users with different input devices.
Swing GUI Components

The Swing toolkit includes a rich array of components from basic components, such as buttons and check boxes, to rich and complex components, such as tables and text. Even deceptively simple components, such as text fields, offer sophisticated functionality, such as formatted text input or password field behavior. There are file browsers and dialogs to suit most needs, and if not, customization is possible. If none of Swing's provided components are exactly what you need, you can leverage the basic Swing component functionality to create your own.

10. References
1) Java 2) Jdbc a) Patrick naughton & Herbert schild The complete reference-java 2 a) Databases in Java, Korth b) Patrick naughton & Herbert schild The complete reference-java 2 3) Html a) E.Stephen mack janan platt Html b) The complete reference