Documente Academic
Documente Profesional
Documente Cultură
Team Members
Emre Genco YAKAR mit Caferi Elif Serim Hilmi Emre LKER
Version 1.0
Person Responsible Emre Genco YAKAR mit CAFER Elif SERM Hilmi Emre LKER
Date 20.03.2011
ii
Table of Contents
Table of Contents...................................................................................................iii List of Figures........................................................................................................iv List of Tables..........................................................................................................v Introduction............................................................................................................1 1.1 Purpose ........................................................................................................ 1 1.2 Scope ...........................................................................................................1 1.3 References.................................................................................................... 2 1.4 Definitions and Acronyms..............................................................................2 Overall Description.................................................................................................2 1.5 Objectives of the Project...............................................................................3 1.6 Functional Requirements of the Product.......................................................3 1.6.1 Use Case Model/Context Diagram...........................................................3 1.6.2 System Feature.......................................................................................4 1.6.3 Use Cases Specifications.........................................................................5 1.7 Non-Functional Requirements and Constraints of the Product ...................16 1.7.1 Usability................................................................................................16 1.7.2 Performance..........................................................................................16 1.7.3 Supportability........................................................................................16 1.7.4 Implementation.....................................................................................16 1.7.5 Security.................................................................................................16 1.7.6 Reliability..............................................................................................16 1.7.7 Availability............................................................................................17 1.7.8 Maintainability.......................................................................................17 System Models of the Product..............................................................................17 1.8 Activity Diagrams for the main scenario of the use case............................17 1.9 System Sequence Diagrams for the main scenario of the use cases ........22 1.10 Graphical User Interface mock-up screen.................................................30
iii
List of Figures
Figure 1 Use Case Diagram of Manage Document Operations...............................3 Figure 2 Use Case Diagram for member and admin operations.............................4 Figure 3 Activity Diagram for Registration...........................................................18 Figure 4 Activity Diagram for Manage Documents...............................................19 Figure 5 Activity Diagram for Send E-Mail............................................................20 Figure 6 Activity Diagram for Verify Registration.................................................21 Figure 7 System Sequence Diagram for Delete Document...................................22 Figure 8 System Sequence Diagram for Download Document.............................23 Figure 9 System Sequence Diagram for Manage Document................................24 Figure 10 System Sequence Diagram for Register...............................................25 Figure 11 System Sequence Diagram for Send E-Mail..........................................26 Figure 12 System Sequence Diagram for Share Document..................................27 Figure 13 System Sequence Diagram for Upload Document................................28 Figure 14 System Sequence Diagram for Verify Registration...............................29 Figure 15 Mock-up Screen Login Screen............................................................30 Figure 16 Mock-up Screen Main Screen.............................................................31 Figure 17 Mock-up Screen Document Sharing Screen.......................................32 Figure 18 Mock-up Screen Admin Login Screen.................................................33 Figure 19 Mock-up Screen E-mail Sending Screen.............................................34
iv
List of Tables
Table 1 UCS Manage Document...........................................................................6 Table 2 UCS Upload Document............................................................................7 Table 3 USC Delete Document.............................................................................8 Table 4 USC Share Document............................................................................10 Table 5 USC Download Document.....................................................................12 Table 6 USC Send E-Mail....................................................................................13 Table 7 USC - Register..........................................................................................14 Table 8 USC - Verify Registration..........................................................................16
vi
Introduction
This part of SRS contains the Purpose, Scope, References and Definitions and Acronyms of Online Secure Document Sharing and Management System.
1.1 Purpose
The purpose of this project is to develop an online and secure document sharing and management system which allows secure and efficient document distribution and sharing between all users. It provides storage, sharing and security capabilities such as message privacy, integrity and authenticity with the help of cryptographic algorithms and related protocols. Only authorized users can access specific documents and produce digital signatures for them and also can share with other users.
Describe the requirements for the customer, Provide an agreement between customer and project group, Help for implementation of the system for software developers, Show the relation between system users (admin, customer) with use case diagrams.
1.2 Scope
In this project we are planning to have file upload-download, encryption, decryption, creating digital signature and certificate such as x509 in a single web site. It will be a web-based project which enables user to share documents with each other. It will be an in-line system which means that each operation will be done in server-side. Nobody will be able to deny what he/she sends or receives by the help of digital signature. The site will do key management with the use of protocols and algorithms. It will also keep the log records. There will be two user types; admin and members. Admin will give members some rights to access specific documents. Admin will be able to add, remove the documents and members can only share and access specific documents.
1.3 References
IEEE Std 830-1998 <IEEE_Std_830_1998_IEEE_recommended_practice_for_software_req.pdf> Team-41 Initial Plan CTIS359 Lecture Notes Software Requirements Specification. Albayrak, Dr. zlem, < http://www.bilkent.edu.tr/~ozlemal/> http://en.wikipedia.org/wiki/software_requirements_specification UML Sequence Diagrams, <http://www.agilemodeling.com/artifacts/sequenceDiagram.htm> Use-case, < http://www.usecase.org/> UML 2 Activity Diagram, <http://www.agilemodeling.com/artifacts/activityDiagram.htm>
Overall Description
This part of the document describes the objective of the project, functional, non-functional requirements and constraints of the product.
Document sharing with versioning, tasks and discussions. End-to-end security and rights protection give you complete control over confidential document access, printing, saving and forwarding. Our secure online document management system lets you store and organize documents online and access them. User can share documents online and collaborate on them with colleagues, customers and partners.
3
Figure 1 Use Case Diagram of Manage Document Operations
15. System shall support following encryption methods to the users for shared documents. a. X.509 Certificate generation and use b. Digital Signatures Generation: Public key Encryption Algorithms (RSA) and Hash functions (SHA-2) c. Digital Signatures Verification d. Symmetric Encryption: Block Ciphers (AES) e. Symmetric Encryption Key Sharing with Public Key Encryption f. Revocation of X. 509 Certificates and Online Certificate Status Protocol (OCSP) support. 16. System shall support users to the create and use their own computation facilities for shared document encryption 17. System shall support data flows with HTTPS protocol. 18. System shall create and keep signatures for every state change of a shared document. 19. System shall create and keep signatures for every server activities. 20. System shall provide the ability to the users to sign their every activity digitally. 21. System shall create and send notifications to the all related users of a shared document. 22.System shall provide the ability to digitally sign a received document by using Nonrepudiation Service with proof of receipt for protecting the originator against an attempt by the recipient to falsely deny receiving the data 23.System shall support signature verification of a received document by using Non-repudiation service with proof of origin service for protecting the recipient against an attempt by the originator to falsely deny sending the data. 24. The language of user interface shall be written as English.
Step 1: Manage Document button is clicked from the left menu. Step 2: Manage Document Web page is displayed. Exception Conditions: N/A
Post-Conditions
Use-Case Name Use-Case ID Primary System Actor Other Participating Actor(s) Description Precondition Trigger Flow of Activities:
This use case describes the event of uploading a new document to the OSDSMS. User must log in to the system. When Upload Document button is clicked. Actor Step 1: Manage Document button is clicked from the left menu. Step 2: Manage Document Web page is displayed. Step 3: Upload Document button is clicked. Step 4: File browser screen is displayed. System
Step 5: The document is selected from the browser which is going to be uploaded to the system.
Step 7: User completes upload activity by filling User Signature field. Step 8: User signature is verified.
Step 10: Upload Activity is logged in the database. Exception Conditions: After Step7: If the user is not filled signature field correctly Warning Message is displayed. The document is uploaded to the system.
Table 2 UCS Upload Document
Post-Conditions
Use-Case Name Use-Case ID Primary System Actor Other Participating Actor(s) Description
This use case describes the event of deleting a document from OSDSMS. User must log in to the system When the Delete Document button is clicked Actor Step 1: Manage Document button is clicked from the left menu. System Step 2: Manage Document page is displayed.
Step 5: The document is selected from the list which is going to be deleted from the system. Step 7: Delete confirmation tab is displayed. Step 6: User clicks Yes button. Step 9: User signature is verified.
Step 10: Document is deleted from the system. Step 11: A new signature is assigned to the Delete activity.
Step 12: Delete Activity is logged in the database. Step 13: Notification message is sent to Share List (selected users). Exception Conditions: After Step 9: If the user is not filled signature field correctly Warning Message is displayed. The selected document should be deleted from the system
Table 3 USC Delete Document
Post-Conditions
Use-Case Name
Share Document
System Analysis
This use case describes the event of deleting a document from OSDSMS. User must log in to the system. The document which is to be shared, must be uploaded to the system.
Precondition
When the Share Document button is clicked Actor Step 1: Manage Document button is clicked from the left menu. Step 2: Manage Document page is displayed. Step 3: Share Document button is clicked. System
Step 5: The document is selected from the list which is going to be shared from the system.
Step 4: The current users documents on the system are listed on page.
Step 8: User selects other users from the user list to share the document and clicks OK. Step 9: User completes upload activity by filling User Signature field.
Step 11: Share Activity is logged in the database. Step 12: Notification message is sent to Share List(selected users). Exception Conditions: After Step 9: If the user is not filled signature field correctly Warning Message is displayed. The selected document should be shared with the selected users
Table 4 USC Share Document
Post-Conditions
Use-Case Name Use-Case ID Primary System Actor Other Participating Actor(s) Description
This use case describes the event of download a document from OSDSMS. User must log in to the system An Uploaded or a Shared document must exist in the system.
Precondition
Step 1: Manage Document button is clicked from the left menu. Step 2: Manage Document page is displayed. Step 3: Download Document button is clicked.
Step 7: The document is selected from the list which is going to be downloaded from the system.
Step 8: Verify Sender button is clicked. . Step 9: System verifies the sender`s signature.
Step 11: User completes download activity by filling User Signature field. Step 12: User signature is verified.
11
Step 11: Download Activity is logged in the database. Step 12: Confirmation message is displayed. Exception Conditions: After Step 9: If the senders signature is not verified by the system Unknown Sender message is displayed. After Step 12: If the user is not filled signature field correctly Warning Message is displayed. Post-Conditions The selected document should be downloaded from the system.
Table 5 USC Download Document
Use-Case Name Use-Case ID Primary System Actor Other Participating Actor(s) Description
This use case describes the event of sending an email to the other users on OSDSMS. User must log in to the system When the Send Email button is clicked Actor Step 1: Send Email button is clicked from the left menu. Step 2: Email page is displayed. Step 3: Compose button is clicked. System
12
Step 6: Send button is clicked. Step 8: System verifies the sender`s signature.
Step 7: User completes send email activity by filling User Signature field.
Step 11: Send Email Activity is logged in the database. Step 12: Confirmation message is displayed. Exception Conditions: After Step 9: If the user is not filled signature field correctly Warning Message is displayed. The email should be sent to the selected users.
Table 6 USC Send E-Mail
Post-Conditions
13
N/A This use case describes the event of registration of a user to the OSDSMS. The user must visit OSDSMS web page. When the Online Registration button is clicked Actor Step 1: Online Registration button is clicked on the main page. Step 2: Registration page is displayed. Step 3: User fills all required registration fields. System
Step 5: The correctness of the required fields is checked. Step 6: The Registration request is sent to the Administrator system. Step 7: A new signature is assigned to the Request Registration Activity. Step 8: Request Registration Activity is logged in the database. Step 9: Confirmation message is displayed.
Exception Conditions:
After Step 5: If the user is not filled required registration fields correctly Warning Message is displayed. The Registration request should be sent to the Administrator.
Table 7 USC - Register
Post-Conditions
Use-Case Name
Verify Registration
14
System Analysis
This use case describes the event of verification registration of a user to the OSDSMS. The user must request registration to the OSDSMS. When the Verify Registration button is clicked Actor Step 1: Verify Registration button is clicked on the main page. Step 2: Verification page is displayed. Step 3: Admin selects a request from the list. Step 4: Accept and Reject buttons are displayed. System
Step 7: User certification is created. Step 8: A new signature is assigned to the Verification Activity. Step 9: Verification Activity is logged in the database. Step 10: Confirmation message is displayed. Exception Conditions: After Step 5: If the admin clicks `Reject` button registration request will be cancelled. The user should be registered to the system with created certification. 15
Post-Conditions
1.7.2 Performance
If approximately 120 users use the system at the same time, there must be no impact on the system performance. Searching and displaying a product on the screen shall take max 10 seconds. Logging in to the system shall take max 2 seconds for administrators. Logging in to the system shall take 3 seconds for users.
1.7.3 Supportability
The system shall be supported by coders. The system shall allow users to update their personal information. The system shall allow administrators to update their personal information.
1.7.4 Implementation
Both users and the administrators shall be able to access the system interface via web browser (e.g. Internet Explorer 6.0 or better versions) The system shall run on any Windows operating system.
1.7.5 Security
User name and password shall be encrypted in the database. Servers shall have the SSL Certification. Each employee must have the username and password for taking the test
1.7.6 Reliability
16
The system shall be available to be used whenever the users and administrators login to the system by entering their user name and passwords.
1.7.7 Availability
The system shall be available for administrators thanks to Internet connection and their proper work computers. The system must be available whenever users have intranet connection and proper worked hardware. The system shall be available for users thanks to Internet connection.
1.7.8 Maintainability
The system shall be changeable and upgradeable according to new requirements. If there is need for defect correcting and determining new requirements, system will be changed.
17
18
19
20
21
1.9 System Sequence Diagrams for the main scenario of the use cases
22
23
24
25
26
27
28
29
30
31
32
33
34