CHAPTER ONE

1.1 INTRODUCTION

Several network systems are built to communicate with one another and are made

available through service-oriented architectures. In this project we use the client

server architecture to develop a secured Client-Server chat application. A chat

application is created based on Transmission Control Protocol (TCP) where TCP is

connection oriented protocol and in the end multithreading is used to develop the

application.

A client-server chat application consists of a Chat Client and a Chat Server and

there exists a two way communication between them. Here Message Processor is

used to interpret message from the user Message Interpreter is used to extract and

pass the received message. Message Maker is used to construct back the message

and Client Manager is used to maintain the clients list which the sender and

receiver at both sides use to interact with each other.

In general the server process will start on some computer system; in fact the

server should be executed before the client. Server usually initializes itself and

then goes to wait state or sleep state where it will wait for a client request. After

that a client process can start on either the same machine or on some other

machine. Whenever the client wants some service from the server it will send a

request to the server and the server will accept the request and process it. After the

server has finished providing its service to the client the server will again go back

to sleep that is waiting for the next client request to arrive. This process is

repeated as long as the server processes is running. Whenever such request comes

the server can immediately serve the client and again go back to the waiting state

for the next request to arrive.

1.2 BACKGROUND OF THE STUDY

Client server model is the standard model which has been accepted by many for

developing network applications. In this model there is a notion of client and

notion of server. As the name implies a server is a process (or a computer in which

the process is running) that is offering some services to other entities which are

called clients. A client on the other hand is process (which is running) on the same

computer or other computer that is requesting the services provided by the server.

A chat application is basically a combination of two applications:

 Server application

 Client application

Server application runs on the server computer and client application runs on the

client computer (or the machine with server). In this chat application a client can

send data to anyone who is connected to the server.

Java application programming interface (API) provides the classes for creating

sockets to facilitate program communications over the network. Sockets are the

endpoints of logical connections between two hosts and can be used to send and

receive data. Java treats socket communications much as it treat input and output

operations; thus programs can read from or write to sockets as easily as they can

read from or write to files.

To establish a server connection a server socket needs to be created and attached

to a port which is where the server listens for connections. The port recognizes the

Transmission Control Protocol service on the socket. For instance the email server

runs on port 25 and the web server usually runs on port 80.

Server Execution: At server the side a thread is created which receives numerous

clients’ requests. It also contains a list in which Client’s name and IP addresses are

stored. After that it broadcast the list to all the users who are currently in chat

room and when a client logs out then server deletes that particular client from the

list update the list and then broadcast the list to all available clients.

Client Execution: A client firstly must have to register itself by sending username

to the server and should have to start the thread so that system can get the list of all

available clients. Then any of two registered clients can communicate with each

other.

1.3 STATEMENT OF THE PROBLEM

The client-server communication model is used in a wide variety of software

applications. Where normally the server side is sufficiently protected and sealed

from public access but client applications running on devices like notebooks and

desktops are considered insecure and exposed to security threats.

The main weakness of client-server chat application is that there is no security

provided to data which is transferred between clients. Any unauthorized client can

hack the client account and can change the data. This is the main objective of this

project (To develop a secured Client-Server Chat Application).

1.4 OBJECTIVES OF THE STUDY

The aim of this project is to develop a reliable and secure network programming

(Client-Server chat model) which can perform a multithreaded server client chat

application based on Java socket programming using Transport Control Protocol

(TCP). As security is the key factor while communicating over a network hash

function with salt is used for the Database based on a number of benefits. MySQL

became the choice for the implementation of this application based on its

scalability and flexibility high performance high availability strong data

protection web and data warehouse strengths management ease lowest total cost

of ownership and open source freedom.

1.5 SIGNIFICANCE OF THE STUDY

Apart from just performing the regular client server chat this client-server chat is

robust and significant in the following ways:

This project use MySQL for its database to make information in the database

secure. The personal details and messages including the private messages in the

Database are encrypted using encryptor (one of the security facilities available in

the MySQL).

This project implements hash function with the password before the encryption and

then stored in the Database. It also uses random generated numbers (salt) that is

calculated together with the passworded hash values and stored in the Database. As

a result even if the database is compromised the salt added to hash values makes

it harder to compute the original password. This random salt is used with the hash

function to significantly increase the strength of encrypting passwords and thus

makes cracking greatly impossible. This makes the chat application server reliable

and more secured.

Another significance of this application is private chatting. This is where two users

can chat in private. The messages between the users are not displayed / seen in the

general chat display text field. The messages are displayed only within the private

message display text field.

1.6 SCOPE OF THE STUDY

The project shall consider among other things the following issues:

1. To provide a better understanding of how network programming in java

works.

2. Develop a reliable network communication for a Client-Server chat

application.

3. Analyses of network programming in java (Multithreaded Client-Server

Chat applications) for better understanding of the solutions.

4. Conduct an experimental result in order to establish the parameter of the

problem. In conclusion suggest ways the problems can be eliminated and

recommends how the problems can be prevented.

1.7 LIMITATIONS

The previous Client-Server Chat system implements only hash function with the

password before the encryption which is then stored in the Database. Thus the

database can be compromised easily to compute the original password.

Some drawbacks of the Client-Server Chat are as follows:

 As the server receives as many requests from clients so there is a chance that

server can become congested and overloaded.

 In case of server fails then the users also suffers.

 A lost password is irrecoverable.

 Any unauthorized client can hack the client account and can change the data.

1.8 ORGANISATION OF THE WORK

In this project a secure java chat application is considered which relies on the

client-server paradigm to exchange the information. It is divided into five chapters.

Chapter one is the introduction which consists of the background of study

significance of the study scope of the study limitations of the study organization

of the work and the definition of terms.

The second chapter focuses on the literature review of relevant scholar’s opinions

relevant to this study such as socket programming in java overview of secure

socket layer hash function e.t.c.

The third chapter gives details of the main methodology and system design to

implement the client-server chat application in java. First of all the application is

developed by using TCP then and in the end multithreading is used to develop the

application. At the end of chapter weaknesses (deadlocks) of multithreading is

discussed which can be removed by using synchronizing threads.

Chapter four is the implementation of the secured Java Client-Server Chat

Application: it test and analysis the implementation of the application.

Chapter five ends the project report. Firstly a short summary highlights the main

points of the whole project. Next a number of conclusions and recommendations

are given and lastly Appendix.

1.9 DEFINITION OF TERMS

Socket: Socket is a standard connection protocol that supports data communication

over the network between connected terminals. The standard connection supports

the data transmission both by the TCP and UDP protocols between the terminals.

TCP: TCP is a transport layer protocol used by applications that require

guaranteed delivery of data. Basically it is a connection-oriented protocol. To

communicate over TCP one must first have to establish a connection between pair

of sockets where one socket is client and the other belongs to server. After the

connection is established between them then they can communicate with each

other.

Client: A client is a system that accesses or desires for a service made accessible

by a server.

Server: A server is a system (hardware or software) program running to provide

the service requests of other system programs.

Port: Port is a software mechanism that allows the centralized connected Servers

to listen for requests made by clients. Port is actually purposed as a gateway to

listen for the requested parameters by the server terminals or other machines. It is a

software address on a system that is on the network. Entire request response

proceeding among this Application is carries through machine ports.

Network: This refers to a system were computers are linked to share software

data hardware and resources for the benefit of users.

Interface: This may be software or hardware that upon an agreed method spells

out the manner a system component can exchange information with another system

component.

Secure socket layer (SSL): This refers to Secure Sockets Layer protocol that is

used for encryption of data for secure data transmission.

IP: This refers to Internet Protocol; it is the reasonable network address of device

on a network. It is notational called dotted-decimal (for instance: 128.1.0.1).

Thread: A thread is a section of code which is executing independently of others

threads in a same program. Java has a class Thread which is defined in java.lang

package. Thread is the most powerful feature that JAVA supports from other

programming languages.