SECURITY NETWORK PROGRAMMING (SECURED CLIENT-SERVER CHAT APPLICATION)
Several security network systems are built to communicate with one another and are made available through service-oriented architectures. In this project, we use the client server architecture to develop a secured Client-Server chat application. A chat application is created based on Transmission Control Protocol (TCP) where TCP is connection oriented protocol and in the end, multithreading is used to develop the application.
A client-server chat application consists of a Chat Client and a Chat Server and there exists a two way communication between them. Here, Message Processor is used to interpret message from the user, Message Interpreter is used to extract and pass the received message. Message Maker is used to construct back the message and Client Manager is used to maintain the clients list which the sender and receiver at both sides use to interact with each other.
In general, the server process will start on some computer system; in fact, the server should be executed before the client. Server usually initializes itself, and then goes to wait state or sleep state where it will wait for a client request. After that, a client process can start on either the same machine or on some other machine. Whenever the client wants some service from the server, it will send a request to the server and the server will accept the request and process it. After the server has finished providing its service to the client, the server will again go back to sleep, that is, waiting for the next client request to arrive. This process is repeated as long as the server processes is running. Whenever such request comes, the server can immediately serve the client and again go back to the waiting state for the next request to arrive.
- BACKGROUND OF THE STUDY
Client server model is the standard model which has been accepted by many for developing security network applications. In this model, there is a notion of client and notion of server. As the name implies, a server is a process (or a computer in which the process is running) that is offering some services to other entities which are called clients. A client on the other hand is process (which is running) on the same computer or other computer that is requesting the services provided by the server.
A chat application is basically a combination of two applications:
- Server application
- Client application
Server application runs on the server computer and client application runs on the client computer (or the machine with server). In this chat application, a client can send data to anyone who is connected to the server.
Java application programming interface (API) provides the classes for creating sockets to facilitate program communications over the security network. Sockets are the endpoints of logical connections between two hosts and can be used to send and receive data. Java treats socket communications much as it treat input and output operations; thus programs can read from or write to sockets as easily as they can read from or write to files.
To establish a server connection, a server socket needs to be created and attached to a port, which is where the server listens for connections. The port recognizes the Transmission Control Protocol service on the socket. For instance, the email server runs on port 25, and the web server usually runs on port 80.
Server Execution: At server the side, a thread is created which receives numerous clients’ requests. It also contains a list in which Client’s name and IP addresses are stored. After that, it broadcast the list to all the users who are currently in chat room and when a client logs out then server deletes that particular client from the list, update the list and then broadcast the list to all available clients.
Client Execution: A client firstly must have to register itself by sending username to the server and should have to start the thread so that system can get the list of all available clients. Then any of two registered clients can communicate with each other.
- STATEMENT OF THE PROBLEM
The client-server communication model is used in a wide variety of software applications. Where normally the server side is sufficiently protected and sealed from public access, but client applications running on devices like notebooks and desktops are considered insecure and exposed to security threats.
The main weakness of client-server chat application is that there is no security provided to data which is transferred between clients. Any unauthorized client can hack the client account and can change the data. This is the main objective of this project (To develop a secured Client-Server Chat Application).
- OBJECTIVES OF THE STUDY
The aim of this project is to develop a reliable and secure security network programming (Client-Server chat model) which can perform a multithreaded server client chat application based on Java socket programming using Transport Control Protocol (TCP). As security is the key factor while communicating over a security network, hash function with salt is used for the Database based on a number of benefits. MySQL became the choice for the implementation of this application based on its scalability and flexibility, high performance, high availability, strong data protection, web and data warehouse strengths, management ease, lowest total cost of ownership and open source freedom.
- SIGNIFICANCE OF THE STUDY
Apart from just performing the regular client server chat, this client-server chat is robust and significant in the following ways:
This project use MySQL for its database to make information in the database secure. The personal details and messages including the private messages in the Database are encrypted using encryptor (one of the security facilities available in the MySQL).
This project implements hash function with the password before the encryption and then stored in the Database. It also uses random generated numbers (salt) that is calculated together with the passworded hash values and stored in the Database. As a result, even if the database is compromised, the salt added to hash values makes it harder to compute the original password. This random salt is used with the hash function to significantly increase the strength of encrypting passwords and thus makes cracking greatly impossible. This makes the chat application server reliable and more secured.
Another significance of this application is private chatting. This is where two users can chat in private. The messages between the users are not displayed / seen in the general chat display text field. The messages are displayed only within the private message display text field.
- SCOPE OF THE STUDY
The project shall consider among other things the following issues:
- To provide a better understanding of how security network programming in java works.