Software Architecture
Group 2
Implementation of Banking Application System using Repository/Blackboard Architecture
          Nabil Hurtado
          Nardos Desalew
          Ranata Ty
          Thedy Suandi Wana
                        Agenda
• Thedy
  – Repository/Blackboard Architecture
  – Functional Requirement
• Nardos
  – Non-Functional Requirement
     • Authentication
     • Authorization
• Ratana
  – Non-Functional Requirement
     • Encryption (Https)
• Nabil
  – Web-service
     Wholeness of the System
• Bank System → Repository/Blackboard
  Architecture Style
  – Blackboard
    • central data structure
    • Bank transaction database
  – Knowledge Sources
    • Computational processes
         Architecture Solution
• System Model: centralized data
• Components: blackboard, knowledge sources
• Connectors: computational units interact by
  procedure call
• Constraints: security (non-functional req’s)
• Containers: JVM, Web container
• Control Structure: internal (depends on state
  computation, as for blackboard)
       Functional Requirement
•   Open account      useCase1
•   Close account     useCase2
•   Deposit money     useCase3
•   Withdraw money    useCase4
•   Transfer money    useCase5
•   Get Statement     useCase6
            Open Account
[Flowchart]
• customer (apply) → start
• Existing customer? (check DB)
  – yes: Add account to existing account holder
  – no: Fill data profile
• Add account to DB (approval)
• end
            Close Account
[Flowchart]
• customer (apply), account manager → start
• Balance = 0? (check DB)
  – yes: Close account (delete account in DB)
  – no: Balance > 0? (check DB)
     • yes: Withdraw money
     • no: Message: “can’t close account”
• end
            Deposit Money
[Flowchart]
• customer (approval) → start
• Add money to the account
• Display balance
• end
            Withdraw Money
[Flowchart]
• customer (approval) → start
• amount <= balance?
  – deduct amount money from the account
  – otherwise, Message: “not enough money”
• end
            Transfer Money
[Flowchart]
• customer (approval) → start
• Apply withdraw to account
• Apply deposit to accountTo
• end
            Get Statement
[Flowchart]
• customer (approval) → start
• get Transaction record for the account in DB
• Display statement
• end
            Block Diagram
[Figure: block diagram]
• GUI knowledge sources: ks1 login, ks2 deposit, ks3 withdraw, ks4 transfer, ks5 getStatement
• WEB knowledge sources: Ks6 login, ks5 getStatement, ks4 transfer
• Repository (Blackboard): ScrtyMgr, AcctMgr, Account, AcctHolder, Staff, User, Certificate, AccessRules, Approval, Denial, Transaction, Database
• Database → JDBC → DB
            Class Diagram
[Figure: class diagram; all classes are marked "(from blackboard)"]
• AcctMgr
  – operations: AcctMgr(), open(), close(), withdraw(), deposit(), transfer(), selectAccount(), selectUserAccounts(), logTransaction(), statement()
• Account
  – attributes: number : int, balance : double, type : String, name : String, created : String
  – operations: Account(), Account(), getNumber(), setAccountNumber(), getBalance(), setBalance(), getHolder(), setHolder(), getType(), setType(), deposit(), withdraw(), getName(), setName(), setNumber(), getCreated(), setCreated()
• AcctHolder
  – attributes: uid : String, PIN : String, name : String, city : String, zip : String, state : String, email : String, phone : String
  – operations: AcctHolder(), AcctHolder(), getPIN(), setPIN(), getUid(), setUid(), getCity(), setCity(), getEmail(), setEmail(), getName(), setName(), getPhone(), setPhone(), getState(), setState(), getZip(), setZip()
• Staff
  – attributes: name : String, username : String, email : String
  – operations: Staff(), Staff(), getEmail(), setEmail(), getName(), setName(), getUsername(), setUsername()
• Transaction
  – attributes: date : String, from : int, to : int, amount : double, description : String
  – operations: Transaction(), getAmount(), getDate(), getDescription(), getFrom(), getTo()
• Database
  – attributes: database, driver
  – operations: Database(), finalize(), connect(), disconnect(), selectAcctHolder(), selectAcctHolder(), selectStaff(), selectAccount(), selectUserAccounts(), selectCustomerCount(), selectAccountCount(), insertAcctHolder(), insertAccount(), updateAccount(), insertTrnasaction(), selectTransaction(), deleteAccount()
• ScrtyMgr
  – operations: ScrtyMgr(), login()
• <<Interface>> Certificate
• <<Interface>> User
• Approval
  – attributes: certid : String, accounts : Vector
  – operations: Approval(), Approval(), getCertid(), setCertid(), getAccounts(), setAccounts(), getUser(), setUser(), getRules(), setRules()
• Denial
  – attributes: message : String
  – operations: Denial(), getMessage(), setMessage()
• AccessRules
  – attributes: open : boolean, close : boolean, withdraw : boolean, deposit : boolean, transfer : boolean, statement : boolean
  – operations: AccessRules(), getClose(), getDeposit(), getOpen(), getStatement(), getTransfer(), getWithdraw()
• Association role names shown: -holder, -cert, -rules
   Non functional requirements
• Authentication
• Authorization
• Encryption
            Authentication
• The system should be able to identify a client,
  i.e. users need to log into the system
• The database contains user id and PIN information
• The certificate concept was introduced here
• The blackboard serves disparate knowledge
  sources
   – Knowledge sources from a web client
   – Knowledge sources from a Swing client
                Authentication
• Reification: A security manager class was
  introduced in the blackboard
   – ScrtyMgr
• The login() method of this class takes three
  parameters: UID, PIN, and TYPE
   – UID: User Id
   – PIN: Password
   – TYPE: Whether the KS is Web based or Swing
             Authentication
• For web based knowledge sources, the
  security manager looks up the client table
• For Swing knowledge sources, the security
  manager looks up the staff table
• If the login succeeds, the security manager
  gives an approval certificate
• If the login fails, the security manager gives
  a denial certificate
           Authentication

[Figure: Certificate, with Approval and Denial beneath it]
            Authentication
• The web based knowledge source stores the
  certificate in a session variable
• The Swing based knowledge source stores
  the approval certificate in a member
  variable
• Whenever the knowledge sources “come
  back” to ask for a service, they show their
  certificate to the account manager
             Authorization
• Once the security manager authenticates a
  user, it has to define access rules to the
  various services
   – Is opening account allowed for all users?
   – Is view bank statement allowed for everybody?
• The security manager stores this
  authorization information in the certificate
              Authorization
• Reification: Authorization rules are reified
  as the AccessRules class
  public class AccessRules {
    private boolean open;
    private boolean close;
    private boolean transfer;
    …
  }
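The login and certificate check from the Authentication and Authorization slides, as an added example (not the group's code). Class and method names follow the slides; the in-memory client table, the sample user, the random certid, the customer policy and the issued-certificate lookup are assumptions. Only the web login path and the withdraw rule are modelled.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
// Added illustration (Java 16+): class names follow the slides; bodies and data are assumptions.
public class CertificateDemo {
    interface Certificate {}
    record Denial(String message) implements Certificate {}
    record AccessRules(boolean open, boolean withdraw) {}
    record Approval(String certid, AccessRules rules) implements Certificate {}

    static final class ScrtyMgr {
        private final Map<String, String> clients = Map.of("alice", "4321"); // constructed client table
        private final Map<String, AccessRules> issued = new ConcurrentHashMap<>(); // certid -> rules
        private final SecureRandom rng = new SecureRandom();
        Certificate login(String uid, String pin, String type) {
            // Only the web path is modelled; a Swing KS would consult the staff table instead.
            String stored = uid == null ? null : clients.get(uid);
            if (!"WEB".equals(type) || stored == null || !stored.equals(pin)) return new Denial("login failed");
            byte[] raw = new byte[16];
            rng.nextBytes(raw); // unguessable certid
            String certid = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
            AccessRules rules = new AccessRules(false, true); // assumed policy for a customer
            issued.put(certid, rules);
            return new Approval(certid, rules);
        }
        // Rules are read from the issued table, so an Approval built by the caller grants nothing.
        AccessRules rulesFor(Certificate c) {
            return (c instanceof Approval a && a.certid() != null) ? issued.get(a.certid()) : null;
        }
    }

    static final class AcctMgr {
        private final ScrtyMgr security;
        AcctMgr(ScrtyMgr security) { this.security = security; }
        String withdraw(Certificate cert, int account, double amount) {
            AccessRules rules = security.rulesFor(cert);
            if (rules == null || !rules.withdraw()) return "denied";
            return "withdrew " + amount + " from account " + account;
        }
    }
    public static void main(String[] args) {
        ScrtyMgr sm = new ScrtyMgr();
        AcctMgr am = new AcctMgr(sm);
        System.out.println(am.withdraw(sm.login("alice", "4321", "WEB"), 1001, 50.0)); // issued
        System.out.println(am.withdraw(sm.login("alice", "0000", "WEB"), 1001, 50.0)); // wrong PIN
        System.out.println(am.withdraw(new Approval("x", new AccessRules(true, true)), 1001, 50.0)); // not issued
    }
}
```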
               Encryption
• Data has to be securely sent between two
  end points
• HTTP does not guarantee that since it is a
  simple text based protocol
• Solution: HTTPS
          Encryption (cont)
Scenario (https)
 HTTPS is used for encrypting messages and for making
 digital signatures.
[Figure: browser → web server: request (encrypted); web server → browser: response (encrypted)]
                  Encryption (cont)
Technical (https)
 1- Client Side
     - Forget about it
 2- Server Side
     - keytool (%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA )
     - Tomcat configuration file
                Encryption (cont)
<Connector port="8443"
           className="org.apache.coyote.tomcat5.CoyoteConnector"
           maxThreads="150" minSpareThreads="25"
           maxSpareThreads="75"
           enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" debug="0" scheme="https" secure="true"
           keystorePass="thedyandi"
           keystoreFile="C:/Documents and Settings/thedys/.keystore"
           clientAuth="false" sslProtocol="TLS" >
  <Factory
      className="org.apache.coyote.tomcat5.CoyoteServerSocketFactory"
      clientAuth="false" protocol="TLS" />
</Connector>
Encryption (cont)
Web Service

				