CERTIFICATELESS REMOTE ANONYMOUS AUTHENTICATION SCHEMES FOR WIRELESS BODY AREA NETWORKS A PROJECT REPORT

CERTIFICATELESS REMOTE ANONYMOUS

AUTHENTICATION SCHEMES FOR WIRELESS BODY AREA

NETWORKS

A PROJECT REPORT

Submitted by

E.GIRI KUMAR : 511811104005

S.SYED HUSSAIN : 511811104013

In partial fulfillment for the award of the degree

of

BACHELOR OF ENGINEERING

IN

COMPUTER SCIENCE AND ENGINEERING

PODHIGAI COLLEGE OF ENGINEERING &TECHNOLOGY

TIRUPATTUR-635601 ANNA UNIVERSITY, CHENNAI 600 025.

APRIL 2015

ANNA UNIVERSITY:CHENNAI 600 025

BONAFIDE CERTIFICATE

This is Certified that the project report “CERTIFICATELESS REMOTE

ANONYMOUS AUTHENTICATION SCHEMES FOR WIRELESS BODY

AREA NETWORKS” is the bonafide work of “GIRI KUMAR.E and

SYED HUSSAIN.S” who carried out the project work under my supervision.

SIGNATURE SIGNATURE

Mr.G.LENIN M.Tech.,(Ph.D.,) Ms.B.VANITHA M.E.,

HEAD OF THE DEPARTMENT ASSISTANT PROFESSOR

Podhigai college of engineering & Podhigai college of engineering&

Technology Technology

Tirupattur- 635 601 Tirupattur-635 601

Vellore District Vellore District

CERTIFICATE OF EVALUTION

College name : Podhigai College Of Engineering & Technology, Tirupattur

Branch & semester : Computer science and Engineering & 8th semester.

Name of the students

have who done the

project

Title of the Project Name of the supervisor

with designation

GIRI KUMAR.E

SYED HUSSAIN.S

CERTIFICATELESS

REMOTE

ANONYMOUS

AUTHENTICATION

SCHEMES FOR

WIRELESS BODY

AREA NETWORKS

Ms.B.Vanitha.M.E.,

Assistant Professor.

The report of the project works submitted by the above students in partial

Fulfillment for the award of Bachelor of Engineering Degree in Computer Science

and Engineering of Anna University were evaluated and confined to be reports of

the work done by the above students and then evaluated.

Submitted for VIVA-VOICE held on ……………..at Podhigai College of

Engineering & Technology, Tirupattur.

INTERNAL EXAMINER EXTERNAL EXAMINER

DECLARATION

I affirm that the project work titled “CERTIFICATELESS REMOTE

ANONYMOUS AUTHENTICATION SCHEMES FOR WIRELESS BODY

AREA NETWORKS” being submitted in partial fulfilment for the award of

“BACHELOR OF ENGINEERING” is the original work carried out by me. It

has not formed the part of any other project work submitted for award of any

degree or diploma, either in this or any other University.

(Signature of the Candidate)

GIRI KUMAR.E

(511811104005)

I Certify that the declaration made above the candidate is true.

(Signature of the Guide)

Ms.B.Vanitha M.E.,

Assistant Professor,

Department of computer Science and Engineering,

Podhigai College of Engineering & Technology,Tirupattur-635601.

DECLARATION

I affirm that the project work titled being submitted in partial fulfilment for the

award of “BACHELOR OF ENGINEERING” is the original work carried out by

me. It has not formed the part of any other project work submitted for award of any

degree or diploma, either in this or any other University.

(Signature of the Candidate)

GIRI KUMAR.E

(511811104005)

I Certify that the declaration made above the candidate is true.

(Signature of the Guide)

Ms.B.Vanitha M.E.,

Assistant Professor,

Department of computer Science and Engineering,

Podhigai College of Engineering & Technology,

Tirupattur-635601.

ACKNOWLEDGEMENT

With great pleasure we express our sincere gratitude and in debtness to all

those who helped us in this project and in the preparation of this report.

We would like to express our heartfelt thanks to the Principal of Podhigai

College of Engineering & Technology, Dr.P.LAWRENCE M.E.,(Ph.D.,) for

providing us an opportunity to do this project.

We reveal our sincere thanks to Mr.G.LENIN M.Tech.,(Ph.D.,) Head of the

Department of Computer Science and Engineering, Podhigai College of

Engineering & Technology, Tirupattur for his encouragement throughout this

project.

We would again take an opportunity to express our hearty thanks to

Ms.B.Vanitha M.E., Assistant professor, Department of Computer Science and

Engineering, Podhigai College of Engineering & Technology, Tirupattur for

rendering his valuable guidance and support during the entire of course of our

project work.

Above all we remember with deepest thanks, the ‘etrnal spirit’ for showering

us the entire blessing and giving us strength to complete this project work

successfully.

ABSTRACT

Wireless body area network (WBAN) has been recognized as one of the promising

wireless sensor technologies for improving healthcare service, thanks to its

capability of seamlessly and continuously exchanging medical information in real

time. However, the lack of a clear in-depth defense line in such a new networking

paradigm would make its potential users worry about the leakage of their private

information, especially to those unauthenticated or even malicious adversaries. In

this paper, we present a pair of efficient and light-weight authentication protocols

to enable remote WBAN users to anonymously enjoy healthcare service. In

particular, our authentication protocols are rooted with a novel certificateless

signature (CLS) scheme, which is computational, efficient, and provably secure

against existential forgery on adaptively chosen message attack in the random

oracle model. Also, our designs ensure that application or service providers have

no privilege to disclose the real identities of users. Even the network manager,

which serves as private key generator in the authentication protocols, is prevented

from impersonating legitimate users. The performance of our designs is evaluated

through both theoretic analysis and experimental simulations, and the comparative

studies demonstrate that they outperform the existing schemes in terms of better

trade-off betweendesirable security properties and computational overhead, nicely

meeting the needs of WBANs.

TABLE OF CONTENTS

CHAPTER NO TITLE PAGE NO

ABSTRACT

LIST OF TABLES

LIST OF FIGURES

LIST OF ABREVATIONS

1. INTRODUCTION

2. LITERATURE SURVEY

3. SYSTEM ANALYSIS

3.1 EXISTING SYSTEM

3.1.1 DISADVANTAGES OF EXISTING SYSTEM

3.2 PROPOSED SYSTEM

3.2.1 ADVANTAGES OF PROPOSED SYSTEM

5. SYSTEM REQUIREMENTS

5.1 HARDWARE REQUIREMENTS

5.2 SOFTWARE REQUIREMENTS

6. SOFTWARE REQUIREMENTS

6.1 FEATURES OF JAVA

6.1.1 ODBC

6.1.2 JDBC

7. SYSTEM IMPLEMENTATION

7.1 INTRODUCTION

7.2MAIN MODULES

7.2.1GRAPHICAL PASSWORD

7.2.2 CAPTICA IN AUTHENTICATION

7.2.3 THWART GUESSING ATTACKS

7.2.4 SECURITY OF UNDERLYING CAPTCHA

8. SOFTWARE TESTING

8.1 TYPES OF TESTING

8.1.1UNIT TESTIN

8.1.2 INTEGRATION TESTING

8.1.3 FUNCTIONAL TEST

8.1.4 SYSTEM TEST

8.1.5 WHITE BOX TESTING

8.1.6 BLACK BOX TESTING

8.1.7 ACCEPTANCE TESTING

9. SYSTEM STUDY

9.1 FEASIBILITY STUDY

9.1.1 ECONOMICAL FEASIBILITY

9.1.2 TECHNICAL FEASIBILITY

9.1.3 SOCIAL FEASIBILITY

10. RESULTS

10.1 SAMPLE CODING

10.2 SNAPSHOTS

11. CONCLUSION & FUTURE

ENHANCEMENT REFERENCES

CHAPTER 1

INTRODUCTION

In our aging society, mobile Healthcare (m-Healthcare) system has been

envisioned as an important application of pervasive computing to improve health

care quality and save lives, where miniaturized wearable and implantable body

sensor nodes and smartphones are utilized to provide remote healthcare monitoring

to people who have chronic medical conditions such as diabetes and heart disease.

Specifically, in an m-Healthcare system, medical users are no longer needed to be

monitored within home or hospital environments. Instead, after being equipped

with smartphone and wireless body sensor network (BSN) formed by body sensor

nodes, medical users can walk outside and receive the high-quality healthcare

monitoring from medical professionals anytime and anywhere. For example, as

shown in Fig. 1, each mobile medical user’s personal health information (PHI)

such as heart beat, blood sugar level, blood pressure and temperature and others,

can be first collected by BSN, and then aggregated by smartphone via bluetooth.

Finally, they are further transmitted to the remote healthcare center via 3G

networks. Based on these collected PHI data, medical professionals at healthcare

center can continuously monitor medical users’ health conditions and as well

quickly react to users’ life-threatening situations and save their lives by dispatching

ambulance and medical personnel to an emergency location in a timely fashion.

Although m-Healthcare system can benefit medical user by providing high

quality pervasive healthcare monitoring, the flourish of m-Healthcare system still

hinges upon how we fully understand and manage the challenges facing in m-

Healthcare system, especially during a medical emergency. To clearly illustrate the

challenges in m Healthcare emergency, we consider the following scenario. In

general, a medical user’s PHI should be reported to the healthcare center every 5

minutes for normal remote monitoring. However, when he has an emergency

medical condition, for example, heart attack, his BSN becomes busy reading a

variety of medical measures, such as heart rate, blood pressure, and as a result, a

large amount of PHI data will be generated in a very short period of time, and they

further should be reported every 10 seconds for high intensive monitoring before

ambulance and medical personnel’s arrival. However, since smartphone is not only

used for healthcare monitoring, but also for other applications, i.e., phoning with

friends, the smartphone’s energy could be insufficient when an emergency takes

place. Although this kind of unexpected event may happen with very low

probability, i.e., 0.005, for a medical emergency, when we take into 10, 000

emergency cases into consideration, the average event number will reach 50, which

is not negligible and explicitly indicates the reliability of m-Healthcare system is

still challenging in emergency.

BY using wireless personal area network (WPAN) technologies for

communications on, near, and around the human body, Zimmerman [1] first

proposed wireless body area network (WBAN) in 1996. The work then

immediately drew much attention from both academia and industry. For instance,

IEEE802.15 has developed a family of short distance communication standards. In

particular, 802.15.6 was formally standardized in 2012 after five years effort of

engineers from 60 companies. It is about the low-power wireless sensor nodes used

in WBAN to gather biomedical information for various applications in hospitals,

residential, and work environments [2], [3], [4], [5]. Basically there are two

categories of WBAN applications, i.e., medical and nonmedical ones [6]. Medical

applications need to collect vital information of a patient continuously and forward

it to a remote monitoring station for further analysis. This huge amount of data can

be used to prevent the occurrence of myocardial infarction and treat various

diseases such as gastrointestinal tract, cancer, asthma, and neurological disorder.

Nonmedical applications include monitoring forgotten things, data file transfer,

gaming, and social networking applications. For example, in gaming, sensors in

WBAN can collect coordinate movements of different parts of the body and

subsequently make the movement of a character in the game, for example, moving

soccer player or capturing the intensity of a ball in table tennis. The use of WBAN

in social networking allows people to exchange digital profile or business card

only by shaking hands. Fig. 1 illustrates one

typical medical application scenario of WBAN, where biological information of

concerns like heartbeat rate and blood pressure are gathered by the sensors around

the body (in-body networks) and transmitted to body area network (BAN)

controller nodes (out-body networks), such as PDA and smart phones, which serve

as a gateway for anonymously accessing the services provided by external

networks and servers.

CHAPTER 2

2. LITERATURE SURVEY

2.1 An Efficient Encryption Scheme using Elliptic Curve Cryptography (ECC) with Symmetric Algorithm for Healthcare SystemAuthor: Young Sil Lee, Esko Alasaarela, and Hoon Jae Lee1

Wireless Body Area Networks (WBANs) has been recognized as one of the promising wireless sensor technologies for improving healthcare service thanks to its capability of seamlessly and continuously exchanging medical information in real time. However, the lack of a clear in-depth defense line in such a new networking paradigm would make it potential users worry about the leakage of their private information, especially to those unauthenticated or even malicious adversaries. In this paper, we present efficient encryption method based on Elliptic Curve Cryptography (ECC) to protect patient’s medical data in WBANs. This method used the symmetric cipher algorithms (i.e., DES, modified Feistel algorithm, etc.) to encrypt or decrypt some sensitive patient’s medical data, and then use ECC to manage the key’s distribution, update and revocation.

2.2 A Secure Transmission Protocol for Wireless Body Sensor NetworksAuthor: Guangxia Xu, Shuangyan Liu and Yanbing Liu

A wireless body sensor network (WBSN) is a typically wearable wireless network deployed on a user’ body, which consists of biosensors and a local personal wireless hub, which we commonly call wireless body sensor network controller (WBSNC). The sensitive micro data (SMD) of WBSN users is collected by biosensors and forwarded to the WBSNC before it is delivered to the data process center (healthcare terminal or remote server) for further processing. Since SMD involves user’s personal privacy, it is important to protect secure transmission of SMD. Therefore it is crucial to admit only legitimate biosensors and WBSNC into the network in a WBSN. Ensuring the safety of data transmission from each biosensor to WBSNC or between WBSNC and the data process center is essential because of the open feature in wireless channel. In this paper, we present a novel kind of cryptography and authentication method to assure a secure network admission and transmission in a WBSN based on ID.

The procedures in this system to establish keys for each biosensor and WBSNC must offer high communication validity and as low energy consumption as possible. In addition, we also propose a new way to protect BSN secure access for biosensor and WBSNC in order to block interference from Pseudo Node.

2.3 Security in Body Area Network: A SurveyAuthor: Ajit, Amita Malik

Wireless Body Area Network is an Emerging field in the branch of Wireless Sensor Network for research due to its various applications in healthcare, entertainment, defense etc.

In Body Area Network, sensors monitor the human’s activities and actions like their health parameters so it is necessary to secure the privacy of the user and the medical information collected by the sensors from the body of the user. In this paper we discussed introduction, architecture, applications, issues, challenges and security approaches of Body Area Network.

Various types of security protocols are discussed for Body Area Network and their comparison on the basis of their different types is also made.

2.4 SECURITY MECHANISM IN BODY AREA NETWORK-A SURVEYAuthor: Divya R, Sundararajan T.V.P2, Deepak KR, Nagarajan.P GokulPrasath Y

Wireless Body Area Network is an Emerging technology in Wireless Sensor Network for various applications in healthcare, entertainment, defense etc.,

In Body Area Network, sensors are used to monitor the human’s activities and their actions like health parameters so it is necessary to secure the privacy of the user and the necessary information are collected by the sensors from the body of the user.

In this paper we discussed introduction, architecture, issues, challenges, and security approaches of Body Area Network. Different types of security protocols are discussed for Body Area Network and their comparison is also made.

CHAPTER 3

3. SYSTEM ANALYSIS

3.1 EXISTING SYSTEM

In WBAN, where biological information of concerns like heartbeat rate and blood

pressure are gathered by the sensors around the body (in-body networks) and

transmitted to body area network (BAN) controller nodes (out-body networks),

such as PDA and smart phones, which serve as a gateway for anonymously

accessing the services provided by external networks and servers.

3.1.1 DISADVANTAGES OF EXISTING SYSTEM:

leakage of privacy information due to WBAN's unique characteristics,

such as open medium channel, signal noise, mobile terminals, flexible

infrastructure, and so on.

3.2 PROPOSED SYSTEM

We develop a new CLS scheme as the cryptographic primitive, which is

cost-effective, efficient, and provably secure against existential forgery on

adaptively chosen message attack in the random oracle model by assuming

that CDHP is intractable.

The proposed CLS scheme then serves as a design basis for two remote

anonymous authentication protocols, which are particularly suitable for

resource-constrained mobile clients. In particular, the protocols use an

anonymous account index instead of a WBAN client’s real identity to access

WBAN service, thereby preventing the potential privacy leakage to

application providers (APs) and network managers (NMs).

A formal security analysis on our proposed protocols is conducted, laying a

theoretic foundation for examining the soundness and performance of the

similar designs.

3.2.1 ADVANTAGES OF PROPOSED SYSTEM

Cost-effective, efficient, and provably secure against existential forgery.

The protocols use an anonymous account index instead of a WBAN client’s

real identity to access WBAN service.

Examining the soundness and performance of the similar designs.

CHAPTER 4

4. HARDWARE AND SOFTWARE SPECIFICATIONS

4.1 HARDWARE SYSTEM CONFIGURATION

System : Pentium IV 2.4 GHz.

Hard Disk : 40 GB.

Monitor : 15 VGA Colour.

Ram : 512 Mb.

4.2 SOFTWARE SYSTEM CONFIGURATION

Operating system : Windows XP.

Coding Language : C#.Net

Database : Sql Server 2005

CHAPTER 5

5.SOFTWARE DESCRIPTION

5.1 FEATURES OF .NET

Microsoft .NET is a set of Microsoft software technologies for rapidly

building and integrating XML Web services, Microsoft Windows-based

applications, and Web solutions. The .NET Framework is a language-neutral

platform for writing programs that can easily and securely interoperate. There’s no

language barrier with .NET: there are numerous languages available to the

developer including Managed C++, C#, Visual Basic and Java Script. The .NET

framework provides the foundation for components to interact seamlessly, whether

locally or remotely on different platforms. It standardizes common data types and

communications protocols so that components created in different languages can

easily interoperate.

“.NET” is also the collective name given to various software components

built upon the .NET platform. These will be both products (Visual Studio.NET and

Windows.NET Server, for instance) and services (like Passport, .NET My

Services, and so on).

5.1.2 THE .NET FRAMEWORK

The .NET Framework has two main parts:

1. The Common Language Runtime (CLR).

2. A hierarchical set of class libraries.

The CLR is described as the “execution engine” of .NET. It provides the

environment within which programs run. The most important features are

Conversion from a low-level assembler-style language, called Intermediate

Language (IL), into code native to the platform being executed on.

Memory management, notably including garbage collection.

Checking and enforcing security restrictions on the running code.

Loading and executing programs, with version control and other such

features.

The following features of the .NET framework are also worth

description:

5.1.3 Managed Code

The code that targets .NET, and which contains certain extraInformation -

“metadata” - to describe itself. Whilst both managed and unmanaged code can run

in the runtime, only managed code contains the information that allows the CLR to

guarantee, for instance, safe execution and interoperability.

5.1.4 Managed Data

With Managed Code comes Managed Data. CLR provides memory

allocation and Deal location facilities, and garbage collection. Some .NET

languages use Managed Data by default, such as C#, Visual Basic.NET and

JScript.NET, whereas others, namely C++, do not. Targeting CLR can, depending

on the language you’re using, impose certain constraints on the features available.

As with managed and unmanaged code, one can have both managed and

unmanaged data in .NET applications - data that doesn’t get garbage collected but

instead is looked after by unmanaged code.

5.1.5 Common Type System

The CLR uses something called the Common Type System (CTS) to strictly

enforce type-safety. This ensures that all classes are compatible with each other, by

describing types in a common way. CTS define how types work within the

runtime, which enables types in one language to interoperate with types in another

language, including cross-language exception handling. As well as ensuring that

types are only used in appropriate ways, the runtime also ensures that code doesn’t

attempt to access memory that hasn’t been allocated to it.

5.1.6 Common Language Specification

The CLR provides built-in support for language interoperability. To ensure

that you can develop managed code that can be fully used by developers using any

programming language, a set of language features and rules for using them called

the Common Language Specification (CLS) has been defined. Components that

follow these rules and expose only CLS features are considered CLS-compliant.

5.2 THE CLASS LIBRARY

.NET provides a single-rooted hierarchy of classes, containing over

7000 types. The root of the namespace is called System; this contains basic types

like Byte, Double, Boolean, and String, as well as Object. All objects derive from

System. Object. As well as objects, there are value types. Value types can be

allocated on the stack, which can provide useful flexibility. There are also efficient

means of converting value types to object types if and when necessary.

The set of classes is pretty comprehensive, providing collections, file,

screen, and network I/O, threading, and so on, as well as XML and database

connectivity.

The class library is subdivided into a number of sets (or namespaces),

each providing distinct areas of functionality, with dependencies between the

namespaces kept to a minimum.

5.2.1 LANGUAGES SUPPORTED BY .NET

The multi-language capability of the .NET Framework and Visual

Studio .NET enables developers to use their existing programming skills to build

all types of applications and XML Web services. The .NET framework supports

new versions of Microsoft’s old favorites Visual Basic and C++ (as VB.NET and

Managed C++), but there are also a number of new additions to the family.

Visual Basic .NET has been updated to include many new and

improved language features that make it a powerful object-oriented programming

language. These features include inheritance, interfaces, and overloading, among

others. Visual Basic also now supports structured exception handling, custom

attributes and also supports multi-threading.

Visual Basic .NET is also CLS compliant, which means that any CLS-

compliant language can use the classes, objects, and components you create in

Visual Basic .NET.

Managed Extensions for C++ and attributed programming are just

some of the enhancements made to the C++ language.

Managed Extensions simplify the task of migrating existing C++

applications to the new .NET Framework.

C# is Microsoft’s new language. It’s a C-style language that is

essentially “C++ for Rapid Application Development”. Unlike other languages, its

specification is just the grammar of the language. It has no standard library of its

own, and instead has been designed with the intention of using the .NET libraries

as its own.

Microsoft Visual J# .NET provides the easiest transition for Java-

language developers into the world of XML Web Services and dramatically

improves the interoperability of Java-language programs with existing software

written in a variety of other programming languages.

Active State has created Visual Perl and Visual Python, which

enable .NET-aware applications to be built in either Perl or Python. Both products

can be integrated into the Visual Studio .NET environment. Visual Perl includes

support for Active State’s Perl Dev Kit.

Other languages for which .NET compilers are available include

FORTRAN

COBOL

Eiffel

5.2.2 .Net Framework

ASP.NET

XML WEB

SERVICES

Windows Forms

Base Class Libraries

Common Language Runtime

Operating System

-

C#.NET is also compliant with CLS (Common Language Specification) and

supports structured exception handling. CLS is set of rules and constructs that

are supported by the CLR (Common Language Runtime). CLR is the runtime

environment provided by the .NET Framework; it manages the execution of the

code and also makes the development process easier by providing services.

C#.NET is a CLS-compliant language. Any objects, classes, or components that

created in C#.NET can be used in any other CLS-compliant language. In

addition, we can use objects, classes, and components created in other CLS-

compliant languages in C#.NET .The use of CLS ensures complete

interoperability among applications, regardless of the languages used to create

the application.

5.2.3 CONSTRUCTORS AND DESTRUCTORS:

Constructors are used to initialize objects, whereas destructors are used to

destroy them. In other words, destructors are used to release the resources

allocated to the object. In C#.NET the sub finalize procedure is available. The

sub finalize procedure is used to complete the tasks that must be performed

when an object is destroyed. The sub finalize procedure is called automatically

when an object is destroyed. In addition, the sub finalize procedure can be

called only from the class it belongs to or from derived classes.

5.2.4 GARBAGE COLLECTION

Garbage Collection is another new feature in C#.NET. The .NET

Framework monitors allocated resources, such as objects and variables. In

addition, the .NET Framework automatically releases memory for reuse by

destroying objects that are no longer in use.

In C#.NET, the garbage collector checks for the objects that are not currently in

use by applications. When the garbage collector comes across an object that is

marked for garbage collection, it releases the memory occupied by the object.

5.2.5 OVERLOADING

Overloading is another feature in C#. Overloading enables us to define

multiple procedures with the same name, where each procedure has a different

set of arguments. Besides using overloading for procedures, we can use it for

constructors and properties in a class.

5.2.6 .MULTITHREADING:

C#.NET also supports multithreading. An application that supports

multithreading can handle multiple tasks simultaneously, we can use

multithreading to decrease the time taken by an application to respond to user

interaction.

5.2.7 STRUCTURED EXCEPTION HANDLING

C#.NET supports structured handling, which enables us to detect and

remove errors at runtime. In C#.NET, we need to use Try…Catch…Finally

statements to create exception handlers. Using Try…Catch…Finally statements,

we can create robust and effective exception handlers to improve the

performance of our application.

5.3 THE .NET FRAMEWORK

The .NET Framework is a new computing platform that simplifies

application development in the highly distributed environment of the Internet.

5.3.1 OBJECTIVES OF. NET FRAMEWORK

1. To provide a consistent object-oriented programming environment whether

object codes is stored and executed locally on Internet-distributed, or executed

remotely.

2. To provide a code-execution environment to minimizes software deployment

and guarantees safe execution of code.

3. Eliminates the performance problems.

There are different types of application, such as Windows-based applications

and Web-based applications.

5.4 Features of SQL-SERVER

The OLAP Services feature available in SQL Server version 7.0 is

now called SQL Server 2000 Analysis Services. The term OLAP Services has been

replaced with the term Analysis Services. Analysis Services also includes a new

data mining component. The Repository component available in SQL Server

version 7.0 is now called Microsoft SQL Server 2000 Meta Data Services.

References to the component now use the term Meta Data Services. The term

repository is used only in reference to the repository engine within Meta Data

Services

SQL-SERVER database consist of six type of objects,

They are,

1. TABLE

2. QUERY

3. FORM

4. REPORT

5. MACRO

5.4.1 TABLE:

A database is a collection of data about a specific topic.

5.4.2 VIEWS OF TABLE:

We can work with a table in two types,

1. Design View

2. Datasheet View

5.4.3 Design View

To build or modify the structure of a table we work in the table

design view. We can specify what kind of data will be hold.

5.4.4 Datasheet View

To add, edit or analyses the data itself we work in tables

datasheet view mode.

5.5 QUERY:

A query is a question that has to be asked the data. Access gathers data that

answers the question from one or more table. The data that make up the answer is

either dynaset (if you edit it) or a snapshot (it cannot be edited).Each time we run

query, we get latest information in the dynaset. Access either displays the dynaset

or snapshot for us to view or perform an action on it, such as deleting or updating.

5.6 AJAX:

ASP.NET Ajax marks Microsoft's foray into the ever-growing Ajax

framework market. Simply put, this new environment for building Web

applications puts Ajax at the front and center of the .NET Framework.

CHAPTER 6

6.SYSTEM ARCHITECTURE

CHAPTER 7

UML INTERACTION DIAGRAMS

DATA FLOW DIAGRAM

SEQUENCE DIAGRAM

USE CASE DIAGRAM

ACTIVITY DIAGRAM

CHAPTER 8

8.SYSTEM IMPLEMENTATION

Implementation is the stage of the project when the theoretical design is turned out into a working system. Thus it can be considered to be the most critical stage in achieving a successful new system and in giving the user, confidence that the new system will work and be effective.

The implementation stage involves careful planning, investigation of the existing system and it’s constraints on implementation, designing of methods to achieve changeover and evaluation of changeover methods.

8.1 Modules

1.Pervasive health monitoring in M-Healthcare

2.WirelessBody Sensor Network

3.Security Analysis

4.Performance Evolution

5.Simulation Setup

6.Report Generation

8.1.1 Certificateless Health Monitoring in M-Healthcare

In this module, each mobile medical user’s personal health information

(PHI)such as heart beat, blood sugar level, blood pressure andtemperature and

others, can be first collected by BSN, andthen aggregated by smartphone via

Bluetooth. Finally, theyare further transmitted to the remote healthcare center

via3G networks. Based on these collected PHI data, medicalprofessionals at

healthcare center can continuously monitormedical users’ health conditions and as

well quickly react to users’ life-threatening situations and save their lives

bydispatching ambulance and medical personnel to an emergencylocation in a

timely fashion.

8.1.2 Wireless Body Sensor Network

In this module, Body area network (BAN), wireless body area network

(WBAN) or body sensor network (BSN) are terms used to describe the application

of wearable computing devices. This will enable wireless communication between

several miniaturized body sensor units (BSU) and a single body central unit (BCU)

worn at the human body.

– Deploy wearable sensors on the bodies of patients in a residential

setting

– Continuously monitor physiological signals (such as ECG, blood

oxygen levels) and other health related information (such as physical

activity)

8.1.3 Security Analysis

In this Module to develop a secure and privacy-preserving opportunistic

computing framework to provide high reliability of PHI process and transmission

while minimizing PHI privacy disclosure in m-Healthcare emergency. Specifically,

we

i) apply opportunistic computing in m-Healthcare emergency to

achieve high-reliability of PHI process and transmission; and

ii) ii) develop user-centric privacy access control to minimize the PHI

privacy disclosure.

8.1.4 Performance Evolution

In this module, the performance metrics used in the evaluationare :

1) The average number of qualified helpersnovel certificateless

signature (CLS), whichindicates how many qualified helpers can participate

in theopportunistic computing within a given time period, and

2) Theaverage resource consumption ratio (RCR), which is defined as

the fraction of the resources consumed by the medical userin emergency to

the total resources consumed in opportunisticcomputing for PHI process

within a given time period

8.1.5 Simulation Setup

In this Module, the simulator implements the application layer under the

assumptions that the

communications between

smart phones and the

communications between

BSNs and smart phones

are always workable

when they are within

each other’s transmission

ranges.

8.1.6 Report generation

In this module, Health care center generate crystal report from the database

collection for future reference.

8.2 INPUT DESIGN

The input design is the link between the information system and the user. It comprises the developing specification and procedures for data preparation and those steps are necessary to put transaction data in to a usable form for processing can be achieved by inspecting the computer to read data from a written or printed document or it can occur by having people keying the data directly into the system. The design of input focuses on controlling the amount of input required, controlling the errors, avoiding delay, avoiding extra steps and keeping the process simple. The input is designed in such a way so that it provides security and ease of use with retaining the privacy. Input Design considered the following things.

What data should be given as input? How the data should be arranged or coded? The dialog to guide the operating personnel in providing input. Methods for preparing input validations and steps to follow when error

occur.

8.2.1 OBJECTIVES

1.Input Design is the process of converting a user-oriented description of the input into a computer-based system. This design is important to avoid errors in the data input process and show the correct direction to the management for getting correct information from the computerized system.

2. It is achieved by creating user-friendly screens for the data entry to handle large volume of data. The goal of designing input is to make data entry easier and to be free from errors. The data entry screen is designed in such a way that all the data manipulates can be performed. It also provides record viewing facilities.

3. When the data is entered it will check for its validity. Data can be entered with the help of screens. Appropriate messages are provided as when needed so that the user will not be in maize of instant. Thus the objective of input design is to create an input layout that is easy to follow

8.3 OUTPUT DESIGN

A quality output is one, which meets the requirements of the end user and presents the information clearly. In any system results of processing are communicated to the users and to other system through outputs. In output design it is determined how the information is to be displaced for immediate need and also the hard copy output. It is the most important and direct source information to the user. Efficient and intelligent output design improves the system’s relationship to help user decision-making.

1. Designing computer output should proceed in an organized, well thought out manner; the right output must be developed while ensuring that each output element is designed so that people will find the system can use easily and effectively. When analysis design computer output, they should Identify the specific output that is needed to meet the requirements.

2.Select methods for presenting information.

3.Create document, report, or other formats that contain information produced by the system.

The output form of an information system should accomplish one or more of the following objectives.

Convey information about past activities, current status or projections of the Future. Signal important events, opportunities, problems, or warnings. Trigger an action. Confirm an action.

CHAPTER 9

9. SYSTEM TESTING

The purpose of testing is to discover errors. Testing is the process of

trying to discover every conceivable fault or weakness in a work product.

It provides a way to check the functionality of components, sub

assemblies, assemblies and/or a finished product It is the process of exercising

software with the intent of ensuring that the Software system meets.

its requirements and user expectations and does not fail in an

unacceptable manner.

There are various types of test. Each test type addresses a specific testing

requirement.

9.1 TYPES OF TESTS

Unit testing

Integration testing

Functional test

System Test

White Box Testing

Black Box Testing

Acceptance Testing

9.1.1 Unit testing

Unit testing involves the design of test cases that validate that the internal

program logic is functioning properly, and that program inputs produce valid

outputs. All decision branches and internal code flow should be validated. It is the

testing of individual software units of the application .it is done after the

completion of an individual unit before integration. This is a structural testing, that

relies on knowledge of its construction and is invasive. Unit tests perform basic

tests at component level and test a specific business process, application, and/or

system configuration. Unit tests ensure that each unique path of a business process

performs accurately to the documented specifications and contains clearly defined

inputs and expected results.

9.1.2 Integration testing

Integration tests are designed to test integrated software components to

determine if they actually run as one program. Testing is event driven and is more

concerned with the basic outcome of scr eens or fields.

Integration tests demonstrate that although the components were

individually satisfaction, as shown by successfully unit testing, the combination of

components is correct and consistent.

Integration testing is specifically aimed at exposing the problems that

arise from the combination of components.

9.1.3 Functional test

Functional tests provide systematic demonstrations that functions tested are

available as specified by the business and technical requirements, system

documentation, and user manuals.

Functional testing is centered on the following items:

Valid Input : identified classes of valid input must be accepted.

Invalid Input : identified classes of invalid input must be rejected.

Functions : identified functions must be exercised.

Output : identified classes of application outputs must be exercised.

Systems/Procedures: interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements,

key functions, or special test cases. In addition, systematic coverage pertaining to

identify Business process flows; data fields, predefined processes, and successive

processes must be considered for testing. Before functional testing is complete,

additional tests are identified and the effective value of current tests is determined.

9.1.4 System Testing

System testing ensures that the entire integrated software system meets

requirements. It tests a configuration to ensure known and predictable results. An

example of system testing is the configuration oriented system integration test.

System testing is based on process descriptions and flows, emphasizing pre-driven

process links and integration points.

9.1.5 White Box Testing

White Box Testing is a testing in which in which the software tester has

knowledge of the inner workings, structure and language of the software, or at least

its purpose. It is purpose. It is used to test areas that cannot be reached from a black

box level.

9.1.6 Black Box Testing

Black Box Testing is testing the software without any knowledge of the inner

workings, structure or language of the module being tested. Black box tests, as

most other kinds of tests, must be written from a definitive source document, such

as specification or requirements document, such as specification or requirements

document.

It is a testing in which the software under test is treated, as a black box .you

cannot “see” into it.

The test provides inputs and responds to outputs without considering how

the software works.

9.2 Unit Testing:

Unit testing is usually conducted as part of a combined code and unit test

phase of the software lifecycle, although it is not uncommon for coding and unit

testing to be conducted as two distinct phases.

9.2.1 Test strategy and approach

Field testing will be performed manually and functional tests will be written in detail.

9.2.2 Test objectives

All field entries must work properly.

Pages must be activated from the identified link.

The entry screen, messages and responses must not be delayed.

9.2.3 Features to be tested

Verify that the entries are of the correct format

No duplicate entries should be allowed

All links should take the user to the correct page.

9.3 Integration Testing

Software integration testing is the incremental integration testing of two or

more integrated software components on a single platform to produce failures

caused by interface defects.

The task of the integration test is to check that components or software

applications, e.g. components in a software system or – one step up – software

applications at the company level – interact without error.

9.3.1 Test Results: All the test cases mentioned above passed successfully. No

defects encountered.

9.4 Acceptance Testing

User Acceptance Testing is a critical phase of any project and requires

significant participation by the end user. It also ensures that the system meets the

functional requirements.

9.4.1 Test Results: All the test cases mentioned above passed successfully. No

defects encountered.

CHAPTER 10

10.FEASIBLITY STUDY

10.1 FEASIBILITY STUDY

The feasibility of the project is analyzed in this phase and

business proposal is put forth with a very general plan for the project and some

cost estimates. During system analysis the feasibility study of the proposed system

is to be carried out. This is to ensure that the proposed system is not a burden to the

company. For feasibility analysis, some understanding of the major requirements

for the system is essential.

Three key considerations involved in the feasibility analysis are

ECONOMICAL FEASIBILITY

TECHNICAL FEASIBILITY

SOCIAL FEASIBILITY

10.1.1 ECONOMICAL FEASIBILITY

This study is carried out to check the economic impact that the

system will have on the organization. The amount of fund that the company can

pour into the research and development of the system is limited. The expenditures

must be justified. Thus the developed system as well within the budget and this

was achieved because most of the technologies used are freely available. Only the

customized products had to be purchased.

10.1.2 TECHNICAL FEASIBILITY

This study is carried out to check the technical feasibility,

that is, the technical requirements of the system. Any system developed must not

have a high demand on the available technical resources. This will lead to high

demands on the available technical resources. This will lead to high demands being

placed on the client. The developed system must have a modest requirement, as

only minimal or null changes are required for implementing this system.

10.1.3 SOCIAL FEASIBILITY

The aspect of study is to check the level of acceptance of the system

by the user. This includes the process of training the user to use the system

efficiently. The user must not feel threatened by the system, instead must accept it

as a necessity. The level of acceptance by the users solely depends on the methods

that are employed to educate the user about the system and to make him familiar

with it. His level of confidence must be raised so that he is also able to make some

constructive criticism, which is welcomed, as he is the final user of the system.

CHAPTER 11

11.RESULT11.1. CODING

11.1.1 Health Center:-

using System;

usingSystem.Collections.Generic;

usingSystem.ComponentModel;

usingSystem.Data;

usingSystem.Drawing;

usingSystem.Linq;

usingSystem.Text;

usingSystem.Windows.Forms;

namespaceHealth_care_Centre

{

public partial class Form1 : Form

{

public Form1()

{

InitializeComponent();

}

private void button1_Click(object sender, EventArgs e)

{

if (textBox1.Text == "dean" && textBox2.Text == "dean")

{

this.Hide();

Medicaluser mu = new Medicaluser();

mu.Show();

}

else

{

MessageBox.Show("Invalid User");

}

}

}

}

11.1.2 Router:-

using System;



usingSystem.Data;


usingSystem.Linq;

usingSystem.Text;


using System.Net;

usingSystem.Net.Sockets;

using System.IO;

namespaceHealth_care_Centre

{

public partial class receive : Form

{

public receive()

{


DestCode.receivedPath = "";

}

private void label4_Click(object sender, EventArgs e)

{

}


{

}


{

}


{

}


{

}


{

}


{

}


{

}


{

}

private void receive_Load(object sender, EventArgs e)

{

backgroundWorker1.RunWorkerAsync();

label14.Visible = false;




















}

DestCodeobj = new DestCode();

private void backgroundWorker1_DoWork(object sender, DoWorkEventArgs e)

{

obj.StartServer();

}

private void timer1_Tick(object sender, EventArgs e)

{

//label2.Text = DestCode.receivedPath;

lblres.Text = DestCode.curMsg;

if (lblres.Text == "File Received")

{

Application.DoEvents();

System.Threading.Thread.Sleep(1500);

label40.Visible = true;

































linkLabel2.Visible = true;

}

}

classDestCode

{

IPEndPointipEnd;

Socket sock;

publicDestCode()

{

IPHostEntryipEntry = Dns.GetHostEntry(Environment.MachineName);

IPAddressIpAddr = ipEntry.AddressList[2];

ipEnd = new IPEndPoint(IpAddr, 5656);

sock = new Socket(IpAddr.AddressFamily, SocketType.Stream, ProtocolType.IP);

sock.Bind(ipEnd);

}

public static string receivedPath;

public static string receivedPath1;

public static string curMsg = "Waiting...";

public void StartServer()

{

try

{

//curMsg = "Starting...";

sock.Listen(100);

// curMsg = "Running and waiting to receive file.";

Socket clientSock = sock.Accept();

byte[] clientData = new byte[1024 * 5000];

byte[] clientData1 = new byte[1024 * 5000];

intreceivedBytesLen = clientSock.Receive(clientData);

curMsg = "Receiving data...";

//bWrite1.Close();

clientSock.Close();


curMsg = "File Received";

StartServer();

}

catch (Exception ex)

{

curMsg = "File Receving error.";

}

}

}

private void linkLabel1_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)

{

}


{

}

private void linkLabel3_LinkClicked_1(object sender, LinkLabelLinkClickedEventArgs e)

{

this.Hide();

Medicaluser mu = new Medicaluser();

mu.Show();

}


{

this.Hide();

database mm = new database();

mm.Show();

}

}

}

11.1.3 Medical User:

using System;



usingSystem.Data;


usingSystem.Linq;

usingSystem.Text;


usingSystem.Data.SqlClient;

usingSystem.Configuration;

namespaceMedical_User

{

public partial class reg : Form

{

stringconstring = Convert.ToString(ConfigurationSettings.AppSettings["ConnectionString"]);

id ii = new id();

string status = "ok";

publicreg()

{


}


{

this.Hide();

Form1 f1 = new Form1();

f1.Show();

}

private void button1_Click(object sender, EventArgs e)

{

SqlConnection con = new SqlConnection(constring);

con.Open();

SqlCommandcmd = new SqlCommand("Insert into reg values('" + textBox1.Text + "','" + textBox2.Text + "','" + textBox3.Text + "','" + textBox4.Text + "','" + textBox5.Text + "','" + textBox6.Text + "','"+ textBox7.Text + "','" + textBox8.Text+"','"+ status + "')", con);

cmd.ExecuteNonQuery();

MessageBox.Show("Details saved");

}

private void reg_Load(object sender, EventArgs e)

{

textBox1.Text = Convert.ToString(ii.idd());

}

}

}

11.2 .SCREEN SHOTS

11.2.1Healthcare user login

11.2.2 Medical user login page

11.2.3 New medical user register page

11.2.4 Details stored in medical user stored in database

11.2.5 Body sensor sensing medical user details

11.2.6 Phi calculated and transmitter via router to health care.

11.2.7 Files are securely transferred and seen in health care.

CHAPTER 12

12 .CONCLUSION

we presented two certificate less remote authentication protocols to preserve the privacy of potential WBAN users when they access network medical service through WBANs terminals. To design the protocols, we developed a novel certificate less signature scheme as a cryptographic primitive by carefully exploring the special characteristics of WBANs. We formally proved that our certificate less signature scheme has a potential to achieve more desirable security properties with less computational cost than the existing schemes. One salient feature of our protocols is that medical application or service providers do not have privilege to reveal the true identity of users even given all the session information.

Also, the network manager cannot impersonate any legitimate users although it serves as PKG.

Sound theoretic analysis, comparative studies, and simulations were conducted to evaluate our proposed protocols, which outperformed most of the existing authentication schemes in terms of better tradeoff between security properties, computational overhead, as well as implementation and running time.

12.1 FUTURE ENHANCEMENTS

we have clearly analyzed in the paper, the run round of mutual authentication protocols has been reduced to 2.

Thus, we attempt to design signature schemes with better trade-off between computational overhead and efficiency, so that the computational complexity of the authentication protocols can be decreased as a whole. In addition, we intend to develop a set of realistic experimental scenarios to test our protocols.

As such, benchmark scenarios are still available, it would benefit to the WBAN research community.

REFERENCES

Good Teachers are worth more than thousand books, we have them in Our

Department

References Made From:

1. User Interfaces in C#: Windows Forms and Custom Controls by Matthew

MacDonald.

2. Applied Microsoft® .NET Framework Programming (Pro-Developer) by

Jeffrey Richter.

3. Practical .Net2 and C#2: Harness the Platform, the Language, and the

Framework by Patrick Smacchia.

4. Data Communications and Networking, by Behrouz A Forouzan.

5. Computer Networking: A Top-Down Approach, by James F. Kurose.

6. Operating System Concepts, by Abraham Silberschatz.

7. M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, “Above the clouds: A berkeley view of cloud computing,” University of California, Berkeley, Tech. Rep. USB-EECS-2009-28, Feb 2009.

8. “The apache cassandra project,” http://cassandra.apache.org/.

9. L. Lamport, “The part-time parliament,” ACM Transactionson Computer Systems, vol. 16, pp. 133–169, 1998.

10. N. Bonvin, T. G. Papaioannou, and K. Aberer, “Cost-efficientand differentiated data availability guarantees in data clouds,”in Proc. of the ICDE, Long Beach, CA, USA, 2010.

11. O. Regev and N. Nisan, “The popcorn market. online marketsfor computational resources,” Decision Support Systems,vol. 28, no. 1-2, pp. 177 – 189, 2000.

12. A. Helsinger and T. Wright, “Cougaar: A robust configurablemulti agent platform,” in Proc. of the IEEE Aerospace Conference,2005.

13. J. Brunelle, P. Hurst, J. Huth, L. Kang, C. Ng, D. C. Parkes,

http://cassandra.apache.org/

M. Seltzer, J. Shank, and S. Youssef, “Egg: an extensible andeconomics-inspired open grid computing platform,” in Proc.of the GECON, Singapore, May 2006.

14. J. Norris, K. Coleman, A. Fox, and G. Candea, “Oncall: Defeatingspikes with a free-market application cluster,” in Proc.of the International Conference on Autonomic Computing,New York, NY, USA, May 2004.

15. C. Pautasso, T. Heinis, and G. Alonso, “Autonomic resourceprovisioning for software business processes,” Informationand Software Technology, vol. 49, pp. 65–80, 2007.

16. A. Dan, D. Davis, R. Kearney, A. Keller, R. King, D. Kuebler,H. Ludwig, M. Polan, M. Spreitzer, and A. Youssef, “Webservices on demand: Wsla-driven automated management,”IBM Syst. J., vol. 43, no. 1, pp. 136–158, 2004.

17. M. Wang and T. Suda, “The bio-networking architecture: abiologically inspired approach to the design of scalable, adaptive,and survivable/available network applications,” in Proc.of the IEEE Symposium on Applications and the Internet,2001.

18. N. Laranjeiro and M. Vieira, “Towards fault tolerance in

web services compositions,” in Proc. of the workshop onengineering fault tolerant systems, New York, NY, USA,2007.

19. C. Engelmann, S. L. Scott, C. Leangsuksun, and X. He,“Transparent symmetric active/active replication for servicelevelhigh availability,” in Proc. of the CCGrid, 2007.

20. J. Salas, F. Perez-Sorrosal, n.-M. M. Pati and R. Jim´enez-Peris, “Ws-replication: a framework for highly available webservices,” in Proc. of the WWW, New York, NY, USA, 2006,

Sites Referred:

http://www.sourcefordgde.com

http://www.networkcomputing.com/

http://www.ieee.org

http://www.emule-project.net/

http://www.emule-project.net/

http://www.ieee.org/

http://www.networkcomputing.com/

http://www.sourcefordgde.com/

Documents

CERTIFICATELESS REMOTE ANONYMOUS AUTHENTICATION SCHEMES FOR WIRELESS BODY AREA NETWORKS A PROJECT REPORT