Advanced Software Engineering
Advanced Software Engineering CS 430
These 28-page class notes were uploaded by Abe Jones on Saturday, September 12, 2015. The notes belong to CS 430 at West Virginia University, taught by Bojan Cukic in Fall. Since their upload, they have received 16 views. For similar materials see /class/202752/cs-430-west-virginia-university in Computer Science at West Virginia University.
Date Created: 09/12/15
Design Specification Document

Secure Transfer
Version 1.0
March 11, 2008

Alex Baker, Matt Bartenschlag, Sue Morris, Yin Xu
Contact: Matt Bartenschlag, mbartens@mix.wvu.edu

Contents

1 Software Design Specification
  1.1 Goals and Objectives
  1.2 Statement of Scope
  1.3 Software Context
  1.4 Major Constraints
    1.4.1 Hardware Limitations
    1.4.2 System Security
2 Data Design
  2.1 Internal Software Data Structure
    2.1.1 File Listing Management
    2.1.2 Managing File Transfers
    2.1.3 Managing Files on the Remote Server
  2.2 Global Data Structures
  2.3 Database Design
    2.3.1 Patients Table Structure
3 Architectural and Component-Level Design
  3.1 Program Structure
    3.1.1 Architecture Diagram
  3.2 connect
  3.3 disconnect
  3.4 queueTransfer
  3.5 getNextTransfer
  3.6 stopTransfer
  3.7 stopAllTransfers
  3.8 clearTransfer
  3.9 clearAllTransfers
  3.10 clearCompletedTransfers
  3.11 clearTerminatedTransfers
  3.12 sendFile
  3.13 getFile
  3.14 search
  3.15 displayOptionsPane
  3.16 showAdminLogin
  3.17 showAdminPane
  (Sections 3.2 to 3.17 each contain PSPEC, Interface Description and Processing Detail subsections.)
4 User Interface Design
  4.1 Description of the User Interface
    4.1.1 Transfers Pane
    4.1.2 Search Pane
    4.1.3 Login Box
    4.1.4 Local Pane
    4.1.5 Admin Pane
  4.2 Interface Design Rules
    4.2.1 Transfers Pane
5 Restrictions, Limitations and …
6 Testing Issues
  6.1 Classes of Tests
    6.1.1 Client Testing
    6.1.2 Server Testing
  6.2 Expected Software Response
    6.2.1 Client Testing
    6.2.2 Server Testing
  6.3 Performance Bounds
7 …
  7.1 System T… Matrix
  7.2 …
    7.2.1 to 7.2.6 SSH Protocol RFCs (RFC 4251, RFC 4254 and others); JSCAPE Secure FTP Factory

1 Software Design Specification

1.1 Goals and Objectives

This document defines the implementation details for the Secure Transfer system, as well as the functions, error handling, and the general constraints put on the software.

1.2 Statement of Scope

This system will be responsible for many tasks. It will allow the encrypted transfer of medical records and other critical files; it will provide enhanced security to prevent unauthorized users from accessing the system; finally, it will provide logging functionality so that all interactions with the system can be viewed. The management, security, and accuracy of the files transmitted by this system are not within the scope of this project.

1.3 Software Context

The United States Government has requested an application that will allow rapid access to the medical records of military personnel from a central server in Washington, DC. These records will allow doctors, nurses, and other qualified individuals to quickly aid a patient by having immediate access to the patient's medical history. Conversely, physicians and other qualified individuals will be able to update the currently stored file on the central server.

1.4 Major Constraints

1.4.1 Hardware Limitations

The central server requires sufficient storage space, which can possibly exceed multiple terabytes of data
depending on the size of the records stored on it. Additionally, it is imperative that the data be mirrored and backed up on a routine basis.

The most significant constraint for this system is bandwidth. Without sufficient bandwidth, the transmission of files will be very slow. It is highly recommended that the download for the largest record on the server take less than two minutes. Because more and more locations will attempt to access the server, the network must be scalable to accommodate demand.

Processing power is another significant constraint for the system, though it is much less of a bottleneck than bandwidth. The SSH protocol encrypts data before transmission and then decrypts it once it is received. This encryption/decryption process uses computing power, and it can consume a large number of resources on the central server. Therefore, as the system grows, additional processing power must be available to prevent a steep decline in performance.

1.4.2 System Security

System security is a crucial constraint for Secure Transfer. Because of the nature of the SSH protocol, anyone with access to the central server can manipulate files; it is imperative that only authorized users be able to access the central server. Secure Transfer has taken steps that will discourage several common attempts to forcefully gain access to the system. These steps include implementing a port knocking protocol, limiting access to only authorized machines and users, and keeping persistent logs.

2 Data Design

2.1 Internal Software Data Structure

2.1.1 File Listing Management

Lists are used to manage the records available on both the local machine and the remote server.

2.1.2 Managing File Transfers

The system is specified to only allow 3 concurrently active transfers at any given time. Once 3 transfers have been started, subsequent requests are stored in the queued queue. When fewer than 3 transfers are active, the first item in the queued queue is started.

2.1.2.1 Active

The active transfers are managed by a list. Once a transfer is
started or once one completes, it is removed from this list. The size of this list is static; by fixing the length of the active list, it is easier to ensure that only 3 active transmissions can be running at any time.

2.1.2.2 Queued

Queued transfers are managed by a queue of any length. Ideally, the queue will be implemented as a linked list so that the queue may grow and shrink freely.

2.1.2.3 Transfers List

The transfers list is a set of FTPTransfer objects, which include all objects in the active and queued queues as well as all transfers that have been completed or terminated.

2.1.3 Managing Files on the Remote Server

Remote files (files stored on the server) are stored in a split-directory tree format, where single-character commonalities are stored as directory trees. Files are stored based on a 9-digit integer based on Social Security Numbers. For an example case of the Social Security Number "123456789", the file would be remotely stored as BASEDIR123456789ext, where ext is an arbitrary file extension.

2.2 Global Data Structures

Global data structures are discouraged. No global data structures should be used during implementation.

2.3 Database Design

Database functionality has been incorporated into the Secure Transfer program to allow for accelerated access to data. The Secure Transfer database contains a single table, the People table. All medical records available for transfer must be listed in the database.

2.3.1 Patients Table Structure

2.3.1.1 fName

This column is used to store the first name of a patient in the people table. For practical purposes, the first name is limited to a length of 255 characters.

2.3.1.2 lName

This column is used to store the last name of a patient in the people table. For practical purposes, the last name is limited to a length of 255 characters.

2.3.1.3 dob

This column is used to store the date of birth for a patient in the people table. This string follows the format YYYYMMDD; it therefore is never longer than 10 characters in length.

2.3.1.4 mid

This column is used to store
the Military ID associated with a patient in the people table. Because Military IDs are of different formats, the only restriction on this field is that it must be no longer than 100 characters.

2.3.1.5 ssn

This column is used to store the Social Security Number associated with a patient in the people table. Social Security Numbers are stored in the table in the format NNNNNNNNN, where N is a digit 0-9.

3 Architectural and Component-Level Design

3.1 Program Structure

The Secure Transfer system is based on the Layered Architecture and Shared Data Architecture.

3.1.1 Architecture Diagram

[Figure: System Architecture, showing the transfer server, web server, database and firewall, Internet service provider, and workstations]

3.2 connect

3.2.1 PSPEC

This function connects a local machine to the remote server. Processes performed during the connection are encapsulated into this function. If the connection fails, a dialog box appears to indicate that an error was encountered. Successfully logging into the system changes the state of the client to active.

3.2.2 Interface Description

This function accepts no parameters. This function has no return type. The side effect of this function is that the SFTP object representing a connection to the remote server now has an open socket associated with it.

3.2.3 Processing Detail

3.2.3.1 Restrictions and Limitations: None.
3.2.3.2 Local Data Structures: None.
3.2.3.3 Performance Issues: Special consideration should be given to network connectivity.
3.2.3.4 Design Constraints: Only one active connection may be allowed at any given time. This function relies on the SFTP object, which represents a connection to the remote server.

3.3 disconnect

3.3.1 PSPEC

This function terminates the connection between the remote server and the local machine. If no connection is present, the system ignores disconnect requests.

3.3.2 Interface Description

This function has no parameters. This function has no return type. The side effect of this function is that the SFTP object representing a connection to the remote server closes the socket
connection to the server.

3.3.3 Processing Detail

3.3.3.1 Restrictions and Limitations: None.
3.3.3.2 Local Data Structures: None.
3.3.3.3 Performance Issues: None.
3.3.3.4 Design Constraints: The client will ignore disconnect attempts if there is not an active connection. This function relies on the SFTP object, which represents a connection to the remote server.

3.4 queueTransfer

3.4.1 PSPEC

When the active queue is filled to capacity, additional transfer requests are inserted into the queued queue. The insertion is performed according to the strict definition of the queue: First In, First Out. This function enqueues FTPTransfer objects into the queued queue for manipulation by the system. Elements cannot be repeated in this queue.

3.4.2 Interface Description

This function accepts as a parameter a filename that indicates the location of the file on the remote server. This function has no return type. The side effect of this function is that the queued queue contains the inserted element at its tail.

3.4.3 Processing Detail

3.4.3.1 Restrictions and Limitations: The queue used during implementation will be implemented by a linked list. As a result, the size of the queue can grow dynamically until the system runs out of memory. Because each insertion will result in an iteration through the queue, significantly large numbers of requests are discouraged.
3.4.3.2 Local Data Structures: None.
3.4.3.3 Performance Issues: As mentioned in Section 3.4.3.1, queuing large quantities of files for transfer will cause a significant decline in system performance.
3.4.3.4 Design Constraints: This function must be able to determine if the element about to be inserted is already present in the set of files that are actively being transferred or have been queued for transfer.

3.5 getNextTransfer

3.5.1 PSPEC

This function returns the next queued transfer from the queued transfers queue.

3.5.2 Interface Description

This function accepts no parameters. This function returns a single transfer to be completed. The side effects of this function include the removal of
the front element of the queued queue.

3.5.3 Processing Detail

3.5.3.1 Restrictions and Limitations: There are no restrictions or limitations for this function.
3.5.3.2 Local Data Structures: No Local Data Structures are required for this function.
3.5.3.3 Performance Issues: This function should not cause a significant decline in system performance.
3.5.3.4 Design Constraints: This function requires ready access to the queued queue.

3.6 stopTransfer

3.6.1 PSPEC

This function stops an active transfer.

3.6.2 Interface Description

This function accepts as a parameter a unique identifier for the transfer. This function has no return type. The side effects of this function are that a file transfer is stopped, all temporary files associated with the transfer are deleted, and the Transfers Pane is updated to reflect this change.

3.6.3 Processing Detail

3.6.3.1 Restrictions and Limitations: There must be an existing file transfer.
3.6.3.2 Local Data Structures: This function requires no Local Data Structures.
3.6.3.3 Performance Issues: This function should not cause a significant decline in performance.
3.6.3.4 Design Constraints: This function requires ready access to the active and queued transfers queues. The Transfers Pane should allow for this function to be called via a context menu associated with each transfer.

3.7 stopAllTransfers

3.7.1 PSPEC

This function stops all currently active and queued transfers and places them into the terminated list. Ideally, this function will iterate through the list of active and queued transfers and call stopTransfer on each of those functions.

3.7.2 Interface Description

This function accepts as a parameter the active and queued queues. This function has no return type. The side effects for this function include the termination of all active transfers, the removal of all temporary files associated with the transfers, and the removal of all transfers from the queued and active queues. Stopped files cannot be restarted or resumed.

3.7.3 Processing Detail

3.7.3.1 Restrictions and Limitations: This function has
no restrictions or limitations. If no transfers have been started, nothing is changed. Completed and previously terminated transfers are unaffected.
3.7.3.2 Local Data Structures: This function requires no Local Data Structures.
3.7.3.3 Performance Issues: This function should not cause a significant decline in performance, regardless of the number of transfers affected.
3.7.3.4 Design Constraints: This function requires ready access to the active and queued transfers queue.

3.8 clearTransfer

3.8.1 PSPEC

This function removes a selected transfer from the Transfers Pane. This is a GUI function.

3.8.2 Interface Description

This function requires no parameters. There is no return type for this function. This function removes the selected transfer from the Transfers Pane.

3.8.3 Processing Detail

3.8.3.1 Restrictions and Limitations: There are no restrictions or limitations for this function.
3.8.3.2 Local Data Structures: No Local Data Structures are needed for this function.
3.8.3.3 Performance Issues: System performance should not be significantly impacted by this function.
3.8.3.4 Design Constraints: This function is called from a context menu within the GUI. That is, a user right-clicks on one or more selected transfers and then chooses "Clear Selected Transfers" from the context menu. This action removes the transfer from the Transfers Pane, so the list of transfers and the transfers GUI must be accessible by this function.

3.9 clearAllTransfers

3.9.1 PSPEC

This function removes all completed or terminated transfers from the Transfers Pane.

3.9.2 Interface Description

This function accepts as a parameter a list of terminated and completed transfers. This function has no return type. The side effects of this function include the modification of the Transfers Pane and the removal of all terminated and completed transfers from the transfers list.

3.9.3 Processing Detail

3.9.3.1 Restrictions and Limitations: There are no restrictions or limitations for this function.
3.9.3.2 Local Data Structures: This function requires no Local Data
Structures.
3.9.3.3 Performance Issues: There are no Performance Issues associated with this function.
3.9.3.4 Design Constraints: This function is called from a context menu within the GUI. That is, a user right-clicks on one or more selected transfers and then chooses "Clear All Transfers" from the context menu. This action removes all completed and terminated transfers from the Transfers Pane, so the list of transfers and the transfers GUI must be accessible by this function.

3.10 clearCompletedTransfers

3.10.1 PSPEC

This function removes all completed transfers from the Transfers Pane.

3.10.2 Interface Description

This function accepts as a parameter a list of completed transfers. This function has no return type. The side effects of this function include the modification of the Transfers Pane and the removal of all completed transfers from the transfers list.

3.10.3 Processing Detail

3.10.3.1 Restrictions and Limitations: There are no restrictions or limitations for this function.
3.10.3.2 Local Data Structures: This function requires no Local Data Structures.
3.10.3.3 Performance Issues: There are no Performance Issues associated with this function.
3.10.3.4 Design Constraints: This function is called from a context menu within the GUI. That is, a user right-clicks on one or more selected transfers and then chooses "Clear All Completed Transfers" from the context menu. This action removes all completed transfers from the Transfers Pane, so the list of transfers and the transfers GUI must be accessible by this function.

3.11 clearTerminatedTransfers

3.11.1 PSPEC

A processing narrative for component n is presented.

3.11.2 Interface Description

This function requires an action or event by the user requesting to clear the terminated transfers from the status list. This function takes input from the user in the form of a button click, and the output is blanking the status list where terminated transfers exist. The function also deletes any temporary files associated with existing terminated transfers. The function
requires no parameters and returns nothing.

3.11.3 Processing Detail

3.11.3.1 Restrictions and Limitations: None.
3.11.3.2 Local Data Structures: Access to the temporary files location on the user's system; ability to delete temporary files.
3.11.3.3 Performance Issues: Special consideration should be given to considerably large files.
3.11.3.4 Design Constraints: If the local file system is inaccessible or unwritable, the function is unable to delete, in which case the user is notified of this error and instructed to inform an administrator. At least one terminated transfer must exist in the status list, and a temporary file must exist to be deleted.

3.12 sendFile

3.12.1 PSPEC

A processing narrative for component n is presented.

3.12.2 Interface Description

This function accepts as a parameter the file name to be uploaded to the remote server. This function returns a Boolean true if the transfer was successful, or it returns a Boolean false if the transfer failed. There are no side effects for this function.

3.12.3 Processing Detail

3.12.3.1 Restrictions and Limitations: The user has read access to the local file and has write access on the server.
3.12.3.2 Local Data Structures: File objects stored on the remote server are required for this function.
3.12.3.3 Performance Issues: Special consideration should be given to considerably large files and network connectivity.
3.12.3.4 Design Constraints: The file must exist on the local file system and must be read-accessible to the user.

3.13 getFile

3.13.1 PSPEC

This function starts a transfer to download a file from the remote server. Files downloaded from the server are stored in a temporary directory until the file transfer is complete, whereupon the file is moved to the correct local directory and the temporary file is removed.

3.13.2 Interface Description

This function accepts as parameters the absolute path of a file on the remote directory, in the format specified in Section 2.1.3, and the absolute path which will contain the downloaded file. This function returns a true/false Boolean
based on success/failure, respectively, of the file download. The side effect of this function is the modification of the Transfers Pane to indicate that a new download has started.

3.13.3 Processing Detail

3.13.3.1 Restrictions and Limitations: The user has local write access to where the file will be stored and to the temporary files location to be used during the download process, and has read access to the remote file location and the remote file itself.
3.13.3.2 Local Data Structures: Write access to the local system's temporary files location; write access to the file's final destination.
3.13.3.3 Performance Issues: Special consideration should be given to considerably large files and network connectivity.
3.13.3.4 Design Constraints: The file's final destination must be writable by the user.

3.14 search

3.14.1 PSPEC

This function allows a user to search the medical records according to the fields specified in Section 2.3. Searching is done using SSH and MySQL.

3.14.2 Interface Description

This function accepts as parameters a set of search parameters, including first name, last name, birthday, Military ID, and Social Security Number. This function returns a set of results returned from a query on the MySQL database. There are no side effects for this function.

3.14.3 Processing Detail

3.14.3.1 Restrictions and Limitations: The user must have access to the mysql program that exists on the remote server.
3.14.3.2 Local Data Structures: None.
3.14.3.3 Performance Issues: Special consideration should be given to searches that will yield a large number of results and to network connectivity. For example, searching for all people with first names like J and last names like S will result in a great number of results. To protect the system from this, only 100 results are returned for any query.
3.14.3.4 Design Constraints: Only 100 results are to be returned for any query.

3.15 displayOptionsPane

3.15.1 PSPEC

This function displays the Options Pane to any logged-in user. The Options Pane allows users to modify settings that apply only to
the local machine and to themselves.

3.15.2 Interface Description

This function has no parameters. This function has no return type. The side effect of this function is that the Options Pane is displayed. The contents of the Options Pane are populated by the parseINI function.

3.15.3 Processing Detail

3.15.3.1 Restrictions and Limitations: None.
3.15.3.2 Local Data Structures: None.
3.15.3.3 Performance Issues: None.
3.15.3.4 Design Constraints: None.

3.16 showAdminLogin

3.16.1 PSPEC

This function allows an administrator to log in at the local machine to access and modify the configuration for that machine.

3.16.2 Interface Description

This function accepts no parameters. This function has no return type. The side effect of this function is that a dialog is opened asking for an administrator username and password. Upon login, this function calls the showAdminPane function.

3.16.3 Processing Detail

3.16.3.1 Restrictions and Limitations: None.
3.16.3.2 Local Data Structures: None.
3.16.3.3 Performance Issues: None.
3.16.3.4 Design Constraints: None.

3.17 showAdminPane

3.17.1 PSPEC

This function is called after an administrator has logged into the system. The Admin Pane allows administrators to easily access and modify local machine configuration settings.

3.17.2 Interface Description

This function accepts as parameters a username and a password string. This function has no return type. The side effect of this function is that the Options Pane displays the Admin Pane outlined in Section 4.1.5 upon successful login.

3.17.3 Processing Detail

3.17.3.1 Restrictions and Limitations: Authentication against a built-in username/password set.
3.17.3.2 Local Data Structures: None.
3.17.3.3 Performance Issues: None.
3.17.3.4 Design Constraints: The Admin Pane is not shown unless the user has successfully authenticated.

4 User Interface Design

4.1 Description of the User Interface

4.1.1 Transfers Pane

The Transfers Pane displays graphically all active, queued, terminated, and completed transfers. To better allow users to identify each of these transfer categories, there are specific
rules for these states, described in Section 4.2.1 (Transfers).

4.1.2 Search Pane

The Search Pane consists of several JTextBox and JList objects that allow the user to search for medical records based on a patient's first name, last name, birth date, SSN, and Military ID. There is also a JButton that the user clicks to execute a search query on the database.

4.1.3 Login Box

The Login Box is the first item a user sees when they execute the client program. This pane contains a field for the user's username and password, and it also contains a JButton which is clicked to execute the connect function. Once login is successful, the Login Box is replaced with the main GUI that contains the Search, Transfers, and Remote Panes.

4.1.4 Local Pane

The Local Pane consists of a JTree representing the file hierarchy present on the local machine. Users can select files from this tree and upload them to the remote server by clicking the Upload JButton.

4.1.5 Admin Pane

The Admin Pane allows system administrators to modify configuration settings for users and the local machine. The configuration settings are parsed from an INI file located on the local machine.

4.2 Screenshot: Local Pane, Search Pane and Transfers Pane

[Screenshot of the Secure Transfer client window]
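
The transfer bookkeeping of Sections 2.1.2, 3.4 and 3.5 (three active slots, a FIFO queue, no duplicates) can be kept consistent with a set that tracks every active or queued file, which avoids the linear scan noted in Section 3.4.3.1. This is an added example, not code from the Secure Transfer project; the class name, the `finish` method and the use of file names as keys are assumptions.

```java
import java.util.ArrayDeque;
import java.util.ArrayList;
import java.util.Deque;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

public class TransferScheduler {
    static final int MAX_ACTIVE = 3;                           // Section 2.1.2

    private final List<String> active = new ArrayList<>(MAX_ACTIVE);
    private final Deque<String> queued = new ArrayDeque<>();   // FIFO, Section 3.4
    private final Set<String> pending = new HashSet<>();       // every active or queued file

    /** Returns false for a duplicate request; otherwise starts or enqueues the transfer. */
    synchronized boolean queueTransfer(String remoteFile) {
        if (!pending.add(remoteFile)) return false;            // Section 3.4.3.4 duplicate check
        if (active.size() < MAX_ACTIVE) active.add(remoteFile);
        else queued.addLast(remoteFile);
        return true;
    }

    /** Section 3.5: removes and returns the front of the queue, or null if it is empty. */
    synchronized String getNextTransfer() {
        return queued.pollFirst();
    }

    /** Hypothetical helper: a transfer completed or was stopped, so free its slot and refill. */
    synchronized void finish(String remoteFile) {
        if (!pending.remove(remoteFile)) return;               // unknown or already finished
        if (!active.remove(remoteFile)) queued.remove(remoteFile);
        while (active.size() < MAX_ACTIVE) {
            String next = getNextTransfer();
            if (next == null) break;
            active.add(next);
        }
    }

    synchronized List<String> activeTransfers() { return new ArrayList<>(active); }
    synchronized List<String> queuedTransfers() { return new ArrayList<>(queued); }

    public static void main(String[] args) {
        TransferScheduler s = new TransferScheduler();
        // Constructed file names, not paths in the Section 2.1.3 format.
        for (String f : new String[] {"a.rec", "b.rec", "c.rec", "d.rec", "e.rec"}) {
            s.queueTransfer(f);
        }
        System.out.println("duplicate accepted: " + s.queueTransfer("d.rec"));
        System.out.println("active: " + s.activeTransfers() + " queued: " + s.queuedTransfers());

        s.finish("b.rec");   // frees a slot; the oldest queued transfer is promoted
        System.out.println("active: " + s.activeTransfers() + " queued: " + s.queuedTransfers());

        // A finished file is no longer pending, so it may be requested again.
        System.out.println("re-queue accepted: " + s.queueTransfer("b.rec"));
        System.out.println("active: " + s.activeTransfers() + " queued: " + s.queuedTransfers());
    }
}
```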
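
For the search function of Section 3.14, the field limits of Section 2.3.1 and the 100-result cap can be enforced before any query text reaches MySQL. The following is an added example, not code from the Secure Transfer project; the class name, the `people` table name, prefix matching on names, the accepted `dob` characters, the rejection of empty searches, and JDBC-style `?` placeholders are assumptions.

```java
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;

public class PatientSearchQuery {
    static final int MAX_RESULTS = 100;                     // Section 3.14.3.4
    private static final Pattern SSN = Pattern.compile("[0-9]{9}");
    // Assumption: dob holds only digits and separators; the spec fixes only the 10-character limit.
    private static final Pattern DOB = Pattern.compile("[0-9/-]{1,10}");

    final String sql;            // statement text containing ? placeholders only
    final List<String> params;   // values to bind, in placeholder order

    private PatientSearchQuery(String sql, List<String> params) {
        this.sql = sql;
        this.params = params;
    }

    /** Escape LIKE metacharacters with '!' so user input is matched literally. */
    static String escapeLike(String s) {
        return s.replace("!", "!!").replace("%", "!%").replace("_", "!_");
    }

    private static String checked(String field, String value, int maxLen, Pattern allowed) {
        if (value.length() > maxLen)
            throw new IllegalArgumentException(field + ": longer than " + maxLen + " characters");
        if (allowed != null && !allowed.matcher(value).matches())
            throw new IllegalArgumentException(field + ": unexpected characters");
        return value;
    }

    /** Keys are the column names of Section 2.3.1; blank values are skipped. */
    static PatientSearchQuery build(Map<String, String> criteria) {
        List<String> where = new ArrayList<>();
        List<String> params = new ArrayList<>();
        for (Map.Entry<String, String> e : criteria.entrySet()) {
            String col = e.getKey();
            String val = e.getValue() == null ? "" : e.getValue().trim();
            if (val.isEmpty()) continue;
            switch (col) {
                case "fName":
                case "lName":   // assumption: names are matched by prefix
                    where.add(col + " LIKE ? ESCAPE '!'");
                    params.add(escapeLike(checked(col, val, 255, null)) + "%");
                    break;
                case "dob":
                    where.add("dob = ?");
                    params.add(checked(col, val, 10, DOB));
                    break;
                case "mid":
                    where.add("mid = ?");
                    params.add(checked(col, val, 100, null));
                    break;
                case "ssn":
                    where.add("ssn = ?");
                    params.add(checked(col, val, 9, SSN));
                    break;
                default:        // column names are fixed here and never taken from user input
                    throw new IllegalArgumentException("unknown search field: " + col);
            }
        }
        if (where.isEmpty())
            throw new IllegalArgumentException("at least one search field is required");
        String sql = "SELECT fName, lName, dob, mid, ssn FROM people WHERE "
                + String.join(" AND ", where) + " LIMIT " + MAX_RESULTS;
        return new PatientSearchQuery(sql, params);
    }

    public static void main(String[] args) {
        Map<String, String> form = new LinkedHashMap<>();   // constructed sample input
        form.put("fName", "J");
        form.put("lName", "S_mith");
        form.put("ssn", "123456789");
        PatientSearchQuery q = build(form);
        System.out.println(q.sql);
        System.out.println(q.params);

        form.put("ssn", "12345678x");                       // not nine digits
        try {
            build(form);
        } catch (IllegalArgumentException ex) {
            System.out.println("rejected: " + ex.getMessage());
        }
    }
}
```

The statement text and the bound values stay separate all the way to the driver, so a value typed into the Search Pane can never change the shape of the query.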