Upload
sanjaykumarguptaa
View
225
Download
0
Embed Size (px)
Citation preview
8/10/2019 Access Control System(Synopsis)
1/12
Project ReportAccess Control System
Access Control System
1
8/10/2019 Access Control System(Synopsis)
2/12
INTRODUCTION
1) PURPOSE OF THE PROJECT
To develop a security system which will look after the
access to SQL server database from an application?
The system should provide security at different levels for
an application with respect to the requirements of the
application.
Notify to the user regarding the revoking of the security
privileges.
To provide different privileges to different levels of users
of an application.
To send a mail regarding the expiry of the access.
To Secure SQL Server Database from password
generators.
2) PROBLEMS IN THE EXISTING SYSTEM
The current system is in context with SQL server level of
security.
Password generators can be easily crack through the
security of the SQL server Database.
2
8/10/2019 Access Control System(Synopsis)
3/12
Doesnt provide any option on itself to revoke or set
different levels of access to different users.
Can directly interact with the SQL Server.
3) SOLUTION OF THESE PROBLENS
To create a firewall kind of an application which will
monitor the access to SQL server from a remote as from
the same location where SQL server is located.
Provide Interactive interface through which Security
levels can be changed on demand.
Check for the authenticity of the user before checking
with the security of SQL Server users.
Works as an intermediate agent to provide a security to
SQL Server.
Maintains the authenticity about the application in SQL
Server.
Generate logs of user access whenever one logs.
Should apply as firewall only on those areas of
application which are configured. There by not reducing
the performance of actual application.
3
8/10/2019 Access Control System(Synopsis)
4/12
4) HARDWARE & SOFTWARE SPECIFICATIONS
HARDWARE REQUIREMENTS:
PIII 500MHZ or above
128MB RAM
100MB Free Hard disk space
STD Coor Mo!i"or
#e"$ork i!"er%ace card or Mode& 'For Re&o"e So(rces)
*A# #e"$ork 'For Re&o"e So(rces)
SOFTWARE REQUIREMENTS:
+I#D,+S #T - . 2000 . / . M
3is(a S"(dio #e" 2002 !"erprise di"io!
3is(a S"(dio ASP#e" +eb Ma"ri4
I!"er!e" I!%or&a"io! Server 50
3is(a S"(dio #e" Fra&e$ork 'Mi!i&a %or Depo&e!")
4
8/10/2019 Access Control System(Synopsis)
5/12
1) STUDY OF THE SYSTEM
The complete system can be divided into four major parts on basis
of their working.
A)Profile Management.
B)User & Group Management.
C)Application Administration
D)System Administration
Profile Management:
With profile management a user logged into the system
can manage his profile in terms of his personal details. Only the
user logged in can view his profile only. The user can make changes
to his/her profile and update with the database.
5
8/10/2019 Access Control System(Synopsis)
6/12
Profile creation is a part of User & group management
where new users are created.
User & Group Management:
User & Group management involves creating new users
making changes to the available user. It is the place where new
profiles are created. Once a user is created the system should
provide privileges or rights on a application or set of applications
which are configured with this security system. A user can be
places under any group where are groups can be created with the
groups section of the application. By default available groups are
Administrator, User, and Manager. Which is SQL server defined
group levels. Using the goups section new groups can be created with in
the system. The newly created groups should be subgroup to an
SQL server defined group.
Application Administration:
An administrator includes the tasks of Configuring an
application with the security system. You can include new
application as well as update or delete the available applications.
6
8/10/2019 Access Control System(Synopsis)
7/12
The process includes providing the name, description and the
location of an application to be configured.
System Administration:
System administrator can again be divided into 4 parts.
1)Levels
2)Mail
3)Parameters
4)Clear Log
Levels:
It includes managing levels with respect to the application and goup
based access a single project can be placed under two different
levels with two different groups. With this option the available levels
can be managed by creating new levels , updating the application
from one level to another level as well as deleing the application
from a level.
Mail:
Configuring of mail includes notifying the application with a
notice regarding the different activities occurred with in the access
7
8/10/2019 Access Control System(Synopsis)
8/12
levels of the application. The TO part of the application can be
configures using the config file which is part of the application.
Parameters:
It includes the password management and notification to the
user on expiry of the account. The different parameters that can be
set are Acct expired, Acct Halted etc. The parameters set using this
option will be used by the mail notifies to notify the user with the
current status of the access levels. The text provides the necessary
brief description to the mails message section.
Clear Log:
This part of an application can be used to clear the log which
application was maintaining when different applications wereseeking the security under the shade of SQL Server Security
Analyzer. With this option the logs can be cleared.
8
8/10/2019 Access Control System(Synopsis)
9/12
9
8/10/2019 Access Control System(Synopsis)
10/12
My Profile
10
8/10/2019 Access Control System(Synopsis)
11/12
Users:
11
8/10/2019 Access Control System(Synopsis)
12/12
12