list

							                                    SYNOPSIS

To harness the safe operation of Web-based systems in Web Environments, we propose
an SSPA (Server based SHA-1 Page Digest Algorithm) to verify the integrity of web
contents before the server issues an HTTP response to a user request. In addition to
standard security measures, our Java implementation of the SSPA, which is called the
Dynamic Security Surveillance Agent (DSSA), provides further security in terms of
content integrity to Web-based systems. Its function is to prevent the display of Web
contents that have been altered through the malicious acts of attackers and intruders on
Client machines.

This is to protect the reputation of organizations from Cyber Attacks and to ensure the
safe operation of web systems by dynamically monitoring the integrity of a Web site’s
content on demand.

Our Algorithm running at the server prevents display of the web page which has been
modified by malicious attacks. This is done by blocking material that doesn’t match its
true finger print (Page digest).




                                                                                       I
                          LIST OF TABLES

TABLE NO                         NAME                        PAGE NO


2.1        Technical features and benefits of BEA WebLogic   27
           Server 8.1

2.2        Technical features and benefits of BEA WebLogic   28
           Server 8.1(cont.)


4.1        Symbols in DFD                                    38




                                                                       II
                           LIST OF FIGURES

 FIGURE NO                           NAME                      PAGE NO

2.1          Compiling and interpreting java source code   8

4.1          Spiral Model                                  35

4.2          System architecture                           36

4.3          Initial DFD                                   42

4.4          Level 0 DFD for Admin                         42

4.5          Level 1 DFD for Admin                         43

4.6          Level 2 DFD for Admin                         43

4.7          Level 0 DFD for User                          44

4.8          Use Case Diagram for Dynamic Web Agent        46

4.9          Class Diagram for Dynamic Web Agent           47

4.10         Sequence Diagram for Dynamic Web Agent        48

4.11         Activity Diagram for Dynamic Web Agent        49

4.12         State chart Diagram for Dynamic Web Agent     50

4.13         Component Diagram for Dynamic Web Agent       51

4.14         ER Diagram for Dynamic Web Agent              52

4.15         Data Dictionary of Admin Table                53

4.16         Data Dictionary of DWADigest Table            54

4.17         Data Dictionary of Recorder Table             55

5.1          Admin Database                                66



                                                                     III
FIGURE NO                        NAME   PAGE NO


5.2         DWADigest Database          67

5.3         Recorder Database           68




                                              IV
                     LIST OF ACRONYMS

CSS     :       Cascading Style Sheets

DBMS    :       Database Management System

DFD     :       Data Flow Diagram

DHTML   :       Dynamic Hyper Text Markup Language

DSSA    :       Dynamic Security Surveillance Agent

HTML        :   Hyper Text Markup Language

HTTP    :       Hyper Text Transfer Protocol

JDBC    :       Java Data Base Connectivity

JVM     :       Java Virtual Machine

JSP     :       Java Server Package

MD5     :       Message Digest 5

ODBC    :       Open Data Base Connectivity

SQL     :       Structured Query Language

SSPA    :       Server based SHA-1 Page Digest Algorithm

UML     :       Unified Modeling Language

URL     :       Uniform Resource Locator

XML     :       Extensible Markup Language

                                                           V