IMPLEMENTATION OF A SECURED DATA COMMUNICATION BETWEEN HETEROGENEOUS SYSTEMS USING WEB SERVICES CASE STUDY: KUMASI POLYTECHNIC

ABSTRACT
Web services are believed to be the future of distributed applications since they access a little resource from the host machine to operate. Though many developers have bought into this idea, the development of web services still needs a wide implementation and deployment (Du , 2004). Organizations are still nding it di cult to grasp its make up and deployment. Many organizations, still depend on partners infrastructure for data processing and its transfer. For example with respect to our case study (Kumasi Polytechnic), school fees data of students takes a long time before the institution acknowledges receipt. This is due to the fact that the banking institution involved has to do some internal reconciliations. In actuality this reconciliations do not bene t the institution but they bare its consequence in the area of student registrations.
In transferring or sending real time data, web service developers claim web services are the smartest way (Du , 2004), but customers would want to know whether it is really what it is meant to be. Its performance coupled with high security is very key to the customers who would want to implement such services. In this case web service providers need a well tested framework before the actual commercialization of the web services. For the past years, the Kumasi Polytechnic Institute had had many challenges with the the real time access to school fees data for other process. Transactions sent over raw the hyper text transfer protocol(http) are susceptible to common attacks such as the man-in-the-middle attack. When this attack occurs, the attacker will be able to retrieve important messages from the http request and later use it against the real person the message was meant for. This is a main problem of raw http.

In this thesis, we showcase a secured way of transferring highly sensitive data through Hyper Text Transfer Protocol (HTTP) by implementing two kinds of security levels i.e. the Secure Socket Layer and the a single key data encryption algorithm. The results proved that encrypting data over the internet and also encrypting the transfer protocol has no signi cant e ect of the data that is transfered.


CHAPTER 1
Introduction

1.1       Background of Study
The bond between the Internet and the users have become great over the years since web pages have gone through a lot of changes from a time where the Internet mostly provided static pages to now where the internet is full of dynamic pages. The high increase of Internet users to day has compelled a lot of companies,businesses and organizations to move their services or products online. In serving users well and also winning users loyalty on the Internet, Companies like Internet Service Providers (ISPs) have created portals to integrate and classify their information services (Felipe , 2010) like news so that users could get access to any news around the world at a single place just to facilitate information retrieval. In the late 90s, saw the introduction of search engines that allows users to search for services and content from a variety of service providers that addressed their needs, thus reducing the in uence and patronage of the portals. The internet has since received a tremendous growth in terms of technology and standards. These standards and technologies like XML,AJAX, web services have enabled companies to develop a wide range of media based or social components (e.g.: Facebook, YouTube, delicious.com etc). The way users and companies also interact with the Internet has changed over time because now even non-technical people can create content and share information among themselves and because of this, the Internet has become a space where new services and content are continuously growing at a faster pace. Integrated services has also become common in the web community since several businesses and Government organizations have embraced the act of developing web services which are some times in the form of applications created on the y out of programs and data that live on the Internet.

Since Internet came to existence, web-applications have played a pivotal role in the development of businesses and organizations by way of moving them from the traditional brick and mortar infrastructures to online infrastructure which are situated in di erent locations (Ramesh et al , 2003).

At the moment, software applications are previewed to content or data over the World Wide Web regardless of the programming languages they are written in. The Web Service technology insures a paradigm where two or several heterogeneous software applications share data among themselves. The data or information sharing is typically delivered through the Internet over the Hyper Text Transport Protocol (HTTP). By this the applications are sort of webi ed in order for the transfer to take place. Incorporating a web service into any software application enables the application to expose specific functionalities that are consumed by other software. Every web service that one develops must be reliable and its performance should be tried and tested to build the con dence of organizations and companies, that web services are reliable and that they can always rely on any published service that addresses their need rather than building a new system which will save them time and money.

Kumasi Polytechnic Institute has had many challenges with the sale of admission forms and sub-sequently resolving the payment of students tuition fees. Kumasi Polytechnic has several vendors that assist the institution in the sale of admission forms all over the country. These include nan-cial institutions and non- nancial institutions like the post o ce and other governmental agencies. This possess some sort of threat to Kumasi Polytechnic especially since the non monetary institutions sometimes fail to render proper accounts on the sale of admission forms. In addition to this students are made to queue every academic year for tuition fees receipt veri cation and clearance. The cashiers at the polytechnic go through this process in order to make sure that students pay their tuition fees before they are "cleared" to register. This has been a menace to the entire student populace and the institution. The idea of web services could be channeled in a uni ed manner in building an integrated system that could facilitate the easy ow of some activities in the school.

1.1.1    Extensible Markup Language (XML)
This is a stractured language that describes a set of regulations for presenting documents in a format that is readable to the user and the computer. Web service is the latex technology in distributed computing, based on XML standards and Internet protocols and also a powerful tool that facilitates communication and collaboration between business applications which were devel-oped on di erent platforms and are also running on di erent resources to work as one. Extensible Markup Language, XML have been neglected by many developers in terms of its strength and capabilities. It is powerful tool such that its capabilities stem from documentations, development of databases, a medium of data or information exchange between heterogeneous systems etc.

1.1.2    Web Service De nition
This is a tool or technology that is used for data communication between applications through the use of Extensible Markup Language (XML) tags, JavaScript Object Notation (json) and network protocols like HTTP. These technologies come together to o er services in a more natural way where by there is a request of service and an o ering of that service if that service is available. In actual sense web service(s) is/are method(s) or function(s) that is/are described by a WSDL and are made available or published via UDDI. Web services can be seen as the bench mark or the standard for integrating applications in order for them to communicate very easily based on its XML component. Web services unlike web pages do not have GUI connecting the sever and the client. They rather share the application logic, processes and data through the Internet or a network interface (Chandrasekar, 2003).

It is distributed system of loosely coupled applications whose backbone is the service oriented architecture (SOA) deployed over the HTTP. A typical example is Amazons Web Services (AWS). This infrastructural setup provides online services for other websites or client-side applications. The world wide web consortium (W3C) de nes a web service as

"a software system designed to support interoperable software-to-software interaction over the Internet. It has an interface described in a machine-processable format (speci cally Web Service Description Language (WSDL))",(Brown et al, 2004). This shows that once a web service is up and running, any other system or application can request for the services given the right access.


1.1.3    Service Oriented Architecture (SOA)
Web services operates on the Service-oriented Architectures (SOA) (Jones, 2205) which uses inter-operability as its communication protocol and a broker-request architectures to facilitate exchanges of service. The Organization for the Advancement of Structured Information Standards (OASIS) (Leitner, 2007) (OASIS, 2006) de nes SOA as paradigm for organizing and utilizing distributed capabilities that may be under the control of di erent ownership domains.

SOA can also be de ned as a form of technology architecture that adheres to the principles of service-orientation. Looking into Web service technology platform, SOA depicts the power to support and promote these principles of the entire business process and automation of an enterprise (Leitner, 2007). SOA in detail has speci c features which are listed below:

loosely coupled - services are self-contained and self-managing.  The number of necessary connections to systems outside of the service are minimal. Services have low representational,
identity and communication protocol coupling (Papazoglou et al, 2006).

de ned by a service contract - services adhere to a communications and interface de nition or to a service description,

autonomous - services have the absolute control over the function that they realize,

abstract - services hide all implementation details from the rest of the world,revealing only the service contract,

reusable - services are intended for and promote reuse,
  
simple services can be assembled and coordinated to build composite services (service com-position) (Curbera et al,2003)(Michael et al , 2005) 

stateless - services do not have a state, and 

discoverable - services can be found and evaluated via external discovery or registry mecha-nisms.

A typical SOA architecture consist of three main actors. The Provider,the Broker and the Re-quester. In this scenario a service provider creates the services which is then made available to the service requester through the service broker(Simmonds , 2011). The service requester accesses the components of the service through the Universal Description, Discovery and Integration, UDDI which has all the information that the requetser needs.


1.1.4    Universal Description Discovery ana Integration (UDDI)
This contains all the needed information, parameter, and function about a published webservice to enable client invocation It enables service providers to showcase all their services in other for service requesters to nd and consume those services. The UDDI has two main parts or attributes. Firstly, it has a registry of all the web service’s meta data and secondly a set of Web S Description and the port type de nitions for searching that registry (The Tutorials Point , 2014).

1.1.5    Web Service Description Language (WSDL) 
This is the main language that the UDDI uses in its operations. It is commonly used in conjunction with XML data schema to serve a web service on the Internet. A service requester searching for a service to consume looks for the UDDI from the WSDL le for all the method that the service provider has served. The requester then uses a SOAP to connect to the speci c function which it needs(?).

1.1.6    Simple Object Access Protocol (SOAP)
This is a protocol for exchanging messages written in XML. Its way of transferring data on a network is achieved in conjunction with the Hyper Text Transfer Protocol, HTTP(S). A extensive view on SOAP,UDDI,WSDL and SOA will be carried out in detail later in the next chapter.

1.2       Problem Statement
Web services are believed to be the future of web applications since they access a little resource from the host machine to operate. Though many developers have bought into this idea, the development of web services still needs a wide implementation and deployment (Du , 2004). Organizations are a still nding it di cult to grasp its make up and deployment. Many organizations, like the one cited in this thesis still depend on partners infrastructure for data processing. For example data on school fees delays a day or two before the nance o ce of the institution gets access to it. This is because their banking institution has to do some reconciliations which do not bene t the institution when it comes to student registration. This goes a long way to a ect student registrations and some other pertinent activities in the school. In transferring or sending real time data, web service developers claim web services are the smartest way, but the requesters would want to know whether it is really what it is meant to be. Its performance is very key to the development of their businesses. In such a situation service providers need an above experimental proceedings before the actual commercialization is deployed. For the past years, the Kumasi Polytechnic Institute had had many challenges with the the real time access to school fees data for other process. If even they had one, their main concern is the level of security the system would be endowed with. Due to this, students are made to queue every academic year for receipt veri cation. In other to solve some of this problems and unleash the capabilities and advantages of web services, this thesis was proposed.

1.3       Motivation
More than two decades ago saw the advent of Extensible Markup Language by a group of developers in association with the W3C (?). Since then few technologies have captured its capabilities for deploying systems that can be used in industries. More recently, many developers are beginning to unleash the potentials and power of the XML language in developing web service driven applications that could seamlessly connect with any other application (Singh, , 2004). Web services can be used to leverage di erent applications between the same or di erent companies instead of rebuilding them. This is able to remove all forms of platform or hardware issues since web services are platform independent. Web service is less expensive to implement since it takes less time to develop and also improving some of the service components which helps in saving time in terms of service adaption. The learning curve for developers can also be reduced as well when considering that it is not necessary to learn speci c details behind the services. The risk involved in web services is mitigated since there are already tried and tested services available that can be reused. This reduce failures when developing new services. There is also easy adaptability since the con gurations about integrated services can be changed easily. This allows easy and quick deployments.

1.4       Objective
This thesis addresses the following objectives:

To use web service as a tool to send data between two heterogeneous applications To secure pertinent data (fees) before being transacted

To measure the performance of the developed web services.

This research is geared towards the development and deployment of a service which will seamlessly integrate the systems of Kumasi Polytechnic and its agents.

1.5       Research Questions
How can the transportation medium of data be encrypted before sending data through it? How can fees data be secured before being sent over the internet?

Would the performance and security of the new web services hinder the existing system?


1.6       Significance of study
This work addresses the performance issues associated with web services that organizations, com-panies and individuals are not aware of. The study has also proven that web services are very reliable, e cient and secured platform for two or more applications to communicate without any regards to the hardware or platform on which each was developed.

1.7       Methodology
The main web service developed in this thesis is Java based. In every system, performance measure-ment is very keen to ensure optimum usage of the system. In other to determine the performance of the web service created, this study took upon itself to measure some key properties of the de-veloped service. This was done to ensure the e ciency of the service. We demonstrated a simple web service with two clients notably Java and PHP clients as a test case before the main web service for sending school fees data was developed and deployed. Secured Socket Layer (SSL) was implemented to secure the web service. The tools and technologies used for this work are eclipse Integrated Development Environment,PostgreSql, Ubuntu 12.04 LTS. We proposed an experiment for testing the service functionally and non functionally with a simulator known as soapUI.. The service performance and its security was also tested.

1.8       Scope
This thesis is focused on web services and its implementation. The technology used is the Service Oriented Architecture (SOA). A SOAP based web service is developed for both the client and the server. In this thesis the RESTful architecture which is another SOA technology and similar to SOAP was not used for the service development but it was reviewed in the literature. Added to the above the thesis dwells the development of a secured communication system between Kumasi Polytechnic and all its nancial agents.

1.9       Organization of Thesis 
Chapter one in this thesis talks about the introduction and background of the study.Chapter two is the literature review. Literature in the area of this study are reviewed and summarized.The methodology employed in this study is presented in chapter three.The analysis and simulation re-sults are presented in chapter four. Chapter ve encompasses the conclusion and recommendations for further research.

For more Computer Science Projects Click here
===================================================================
Item Type: Ghanaian Project Material  |  Attribute: 96 pages  |  Chapters: 1-5
Format: MS Word  |  Price: GH50  |  Delivery: Within 30Mins.
===================================================================

Share:

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Search for your topic here

See full list of Project Topics under your Department Here!

Featured Post

HOW TO WRITE A RESEARCH HYPOTHESIS

A hypothesis is a description of a pattern in nature or an explanation about some real-world phenomenon that can be tested through observ...

Popular Posts