380 likes | 510 Views
Horse Racing System. (CSC 7250 Project I). Supervised by: Prepared by:. Prof. Michael Lyu Wilson Ngan. Agenda. Introduction Demonstration Question & Answer. INTRODUCTION. Secure Zone. Non-Secure Zone. Database Server. UDDI Registry Server. Workstation 1. Authentication Module.
E N D
Horse Racing System (CSC 7250 Project I) Supervised by: Prepared by: Prof. Michael Lyu Wilson Ngan
Agenda • Introduction • Demonstration • Question & Answer
Secure Zone Non-Secure Zone Database Server UDDI Registry Server Workstation 1 Authentication Module Workstation 2 Application Server Internet Workstation n Terminal 1 Terminal 2 Terminal 3 Architecture Overview Firewall
Database Server Workstations Terminals SOAP HTTP JDBC Connection Pool Apache AIX 1.1 JSP Servlet Tomcat Authentication Module JNI OPENSSL Application Server
Application Server Workstations SOAP Windows Application Crypto API PCKS Smart Card Reader Workstations
Application Server Terminals HTTP Web Application Terminals
Application Server Oracle 9i Server JDBC Oracle 9i Instance Database Server
UDDI Registry Server UDDI Registry Web Services Search Web Services Terminal UDDI Application Server UDDI UDDI Registry Server
Web Service • Web Services Architectures • SOAP—Protocol over HTTP • WSDL – Description of Web Service • UDDI – Searching Web Service • Language Independent (XML) • Flexible • Inefficient (Large overhead) • Sample • Client – SmartApp • Server – DemoLogin
Package Name Vendor Server Java Web Services Developer Pack (Java WSDP) Sun Tomcat Emerging Technologies Toolkit (ETTK) IBM Websphere Apache eXtensible Interaction System (AXIS) Apache Apache Microsoft’s .NET Framework Microsoft IIS Web Service Table 1 Summary of Web Service Development Toolkit
Openssl • FREE for commercial and non-commercial • Base on SSLeay library developed by Eric A. Young • Complete cryptographic library • Open Source • Multi-platform (Windows, Unix, Linux, MasOS, VMS, OS2) • Support SSL/TLS, CA operation, all PKCS standards • Command Tools • Sample (OpensslWrapperCOM)
Crypto API • Windows ONLY • FREE for commercial and non-commercial • High Level API • Open for different vendor to implement • All key pairs store in Container • Big Endian / Little Endian • Each key pairs responsible for • AT_KEYEXCHANGE • AT_SIGNATURE • Sample (sRitCryptoLib)
Command Line Platform Language CA support OpenSSL Yes Windows, Unix, Linux, MasOS, VMS, OS2 C Yes JCE No Follow Java Java No Bouncy Castle No Follow Java Java Yes Crypto API No Windows VC Yes Summary of Cryptographic Provider Table 2 Summary of Cryptographic Library
Free Marker • FREE for commercial and non-commercial • Alternatives to JSP • Design for MVC (Model View Controller) model • Template Engines • Support non-web application
ATL/COM • Part of the Microsoft Foundation Classes • COM -- Component Object Model • reusable • very efficient components • ATL is Active Template Library • Clean and Fast development technology • Sample (OpensslWrapperCOM)
JNI • Java Native Interface • Bridge between Java and C • Alternative Source of Standard Library • CPU usage • Memory usage • Warning !!!! Java VM will crash if memory leakage exists • Sample (CryptoWrapperJNI)
ANT • Robust Build tools • Preserve the development environment • Used by major JAVA editor • Forte, Netbeans, Ellipse • Support command line • Sample (Horse Racing System)
DEMONSTRATION (Client Application) Get Challenge
DEMONSTRATION (Client Application) Sign Challenge