An Easy, Secure and Reliable Online Shopping & Payment System

Ripan Kumar Basak 1, Dr. Avula Damodaram 2

1 JNTUH, School of Information Technology, Kukatpally, Hyderabad, Telangana, India-500085
2 Professor of CSE, Chairman, BOS, CSE&IT and Director of University Academic Audit Cell, Kukatpally, Hyderabad, Telangana, India-500085

Abstract: The On-line Shopping & Payment System is one of the fastest growing e-commerce businesses in India. The project is divided into three inter-operable components (Model, View, and Controller). We use JSP/JSTL for the front-end view, Servlets for the controller, EJB for the model and JPA for the back-end connection. Using these technologies, the on-line system will be more secure, reliable and reusable, and can handle more traffic.

Keywords: Shopping System, JSP/JSTL, SERVLET, EJB/JPA technology, MVC pattern.

1. Introduction

The term e-commerce refers to the buying and selling of products or services over the Internet. Online shopping is part of e-commerce. To make the shopping system secure and reliable we need to be careful about two things: first, designing the system carefully, and second, choosing which technology to use to make the system more secure, more reliable and able to handle more load at a time. In this paper I explain a simple yet effective online shopping application that demonstrates various features of Java web and EE development. I also show, in a simple way, what the existing system is, why a new system is needed, and how the two differ.

2. System Study

2.1 Existing System

1) Inefficient in meeting the growing demands of people.
2) The basic problem with the existing systems is the non-interactive environment they provide to the user.
3) The use of traditional user interfaces which make continuous postbacks to the web server; each postback makes a call to the server, gets the reply and then refreshes the entire web form to display the outcome. This adds a delay in displaying the outcome.
4) A search engine that displays the outcome without allowing users to further filter the results based on various parameters.
5) Use of traditional, non-user-friendly interfaces that are hard to use.
6) Time consuming.

2.2 Proposed System

1) The purpose of this Online Shopping Application is to allow the user to play with the search tool and create different combinatorial search criteria to perform an exhaustive search.
2) Making the application AJAX enabled gets rid of these unnecessary delays, letting the user perform an exhaustive search. Users of this web application can simply feel the difference between the Ajax-empowered user interface and the usual user interface.
3) Provide an interactive interface through which a user can interact with different areas of the application easily.
4) A search engine that provides an easy and convenient way to search for products specific to their needs. The search system lists a set of items based on the search term, and the user can further filter the list based on various parameters.
5) A sitemap to help visitors find what they are looking for.
6) Provide a drag-and-drop feature, allowing the user to add products to or remove products from the shopping cart by dragging them into or out of the cart.
7) A product comparison feature for better choice.
8) Providing better security.

3. Designing Application

The application design is based on a real-world scenario. In this application we break down the requirements into a set of implementation tasks, and structure the application so that the responsibilities and interactions among functional components are clearly defined. We discuss the MVC (Model-View-Controller) design pattern. We apply JSP, Servlet, EJB and JPA technology to the MVC architecture.

Paper ID: SEP14284

International Journal of Science and Research (IJSR)

3.1 Architectural Diagram

3.2 Business Process Flow

The figure displays the visual and functional components of each page, and highlights the main actions available to the user in order to find their way through the site to complete a purchase.

3.3 Determining the Architecture

Separate the responsibilities among functional components, and decide how they will work together. There are various design patterns already in existence which provide considerable benefits when applied. One such blueprint is the MVC (Model-View-Controller) concept, which divides the application into three interoperable components:

Model: Represents the business data and any business logic that governs access to and modification of the data. The model notifies views when it changes and lets the view query the model about its state. It also lets the controller access application functionality encapsulated by the model.

View: The view renders the contents of a model. It gets information from the model and specifies how that data should be presented. The view also updates the data presentation when the model changes. A view also forwards user input to a controller.

Controller: The controller defines application behaviour. It dispatches user requests and selects views for presentation. The controller interprets user inputs and maps them into actions to be performed by the model. In an online application, user inputs are GET and POST requests. A controller selects the view to show based on the user interactions and the outcome of the model operations.

4. Designing Data Model

The data model should contain all the logical and physical design parameters required to generate a script using the Data Definition Language (DDL), which can then be used to create a database.

5. EJB Technology

Enterprise JavaBeans technology is a "server-side component architecture" that "enables rapid and simplified development" of distributed, transactional, safe and portable applications. We can apply EJBs (i.e., enterprise beans) to the application, and the services provided by the technology remain transparent to the developer, thus eliminating the old and often error-prone task of adding a lot of boilerplate code which would otherwise be required.

Pooling: For each EJB component, the EJB platform creates a pool of component instances that are shared by clients. Each pooled instance is only allowed to be used by a single client at a time. As soon as an instance has finished servicing a client, it is returned to the pool for reuse instead of being frivolously discarded for the garbage collector to reclaim.

Thread Safety: EJB makes all types of components thread-safe and highly performant in ways that are completely invisible to the developer. This means that you can write your server components as if you were developing a single-threaded desktop application. It doesn't matter how complex the component itself is; EJB will make sure of thread safety.

Transactions: EJB supports declarative transaction management, which helps you add transactional behaviour to components using simple configuration instead of code. In effect, we can designate any component method to be transactional. If the method completes normally, EJB commits the transaction and makes the data changes made by the method permanent. Otherwise the transaction is rolled back.

Security: EJB supports integration with the Java Authentication and Authorization Service (JAAS) API, so it is easy to secure an application using simple configuration instead of cluttering up your application with security code.

6. Securing the Applications

When securing web applications, there are two primary concerns that need to be addressed:

1) Preventing unauthorized users from gaining access to protected content.
2) Preventing protected content from being read while it is being transmitted.

The first concern, access control, typically involves two steps: (1) determining whether a user is who he or she claims to be (i.e., authentication), and then (2) either granting or denying the user access to the requested resource (i.e., authorization). A simple and common way to implement access control for web applications is with a login form that enables the server to compare user credentials with a pre-existing list of authenticated users.

The second concern, protecting information while it is in transit, typically involves using Transport Layer Security (TLS), or its predecessor, Secure Sockets Layer (SSL), in order to encrypt any data communicated between the client and server.

We generally need to secure the application in the following ways:

Step 1: Set up an authentication form for the administration console that gives staff members access to the console's services and blocks unauthorized users.
Step 2: Configure secure information transport for both the customer checkout process and any data transmitted to and from the administration console.

7. Conclusion

In today's high-tech business and e-commerce environment, it is crucial to have the capability to protect information assets by implementing security measures. Losses of huge amounts of money and system damage are examples of the negative effects resulting from weak security measures. Security threats cause serious incidents for e-commerce firms, such as revenue loss, reputation damage, legal consequences and loss of market share. Therefore, e-commerce companies should use proper techniques to secure their systems and increase user awareness of those threats. To overcome the security obstacle to e-commerce adoption in developing countries, decision-makers and IT professionals should enhance the security of online payment, and reassure and educate people about conducting online transactions. Dealing with the security issue will build and strengthen trust in online transactions and lead to a safe e-payment gateway for businesses. This will increase the confidence of the public and of businesses in conducting online payments safely.

Author Profile

Ripan Kumar Basak is an M.Tech (Computer Science) scholar at SIT-JNTUH, Kukatpally, Hyderabad, Telangana, India.

Dr. Avula Damodaram is Professor of CSE and Director, University Academic Audit Cell, Kukatpally, Hyderabad, Telangana, India.
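Steps 1 and 2 of Section 6 map onto the standard Java EE deployment descriptor (web.xml). The fragment below is an added example, not code from the paper; the role name staff, the /admin/*, /checkout and /purchase URL patterns and the login.jsp and error.jsp pages are assumptions chosen for illustration.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example: role name, URL patterns and JSP paths are assumptions. -->
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="3.0">

  <!-- Step 1: only users in the "staff" role may reach the admin console.
       No <http-method> is listed, so the constraint covers every HTTP
       method; listing methods would leave the unlisted ones unprotected. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Administration console</web-resource-name>
      <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>staff</role-name>
    </auth-constraint>
    <!-- Step 2: credentials and console data travel over TLS only. -->
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <!-- Step 2: customer checkout needs no login but must use TLS. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Checkout</web-resource-name>
      <url-pattern>/checkout</url-pattern>
      <url-pattern>/purchase</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <!-- Form-based login: the form on login.jsp must POST the fields
       j_username and j_password to the container action j_security_check. -->
  <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/admin/login.jsp</form-login-page>
      <form-error-page>/admin/error.jsp</form-error-page>
    </form-login-config>
  </login-config>

  <security-role>
    <role-name>staff</role-name>
  </security-role>
</web-app>
```

The user accounts and their mapping to the staff role are defined in the application server's security realm, which is container-specific and not shown here.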