Access Control System(Synopsis)

8/10/2019 Access Control System(Synopsis)

1/12

Project ReportAccess Control System

Access Control System

1


2/12

INTRODUCTION

1) PURPOSE OF THE PROJECT

To develop a security system which will look after the

access to SQL server database from an application?

The system should provide security at different levels for

an application with respect to the requirements of the

application.

Notify to the user regarding the revoking of the security

privileges.

To provide different privileges to different levels of users

of an application.

To send a mail regarding the expiry of the access.

To Secure SQL Server Database from password

generators.

2) PROBLEMS IN THE EXISTING SYSTEM

The current system is in context with SQL server level of

security.

Password generators can be easily crack through the

security of the SQL server Database.

2


3/12

Doesnt provide any option on itself to revoke or set

different levels of access to different users.

Can directly interact with the SQL Server.

3) SOLUTION OF THESE PROBLENS

To create a firewall kind of an application which will

monitor the access to SQL server from a remote as from

the same location where SQL server is located.

Provide Interactive interface through which Security

levels can be changed on demand.

Check for the authenticity of the user before checking

with the security of SQL Server users.

Works as an intermediate agent to provide a security to

SQL Server.

Maintains the authenticity about the application in SQL

Server.

Generate logs of user access whenever one logs.

Should apply as firewall only on those areas of

application which are configured. There by not reducing

the performance of actual application.

3


4/12

4) HARDWARE & SOFTWARE SPECIFICATIONS

HARDWARE REQUIREMENTS:

PIII 500MHZ or above

128MB RAM

100MB Free Hard disk space

STD Coor Mo!i"or

#e"$ork i!"er%ace card or Mode& 'For Re&o"e So(rces)

*A# #e"$ork 'For Re&o"e So(rces)

SOFTWARE REQUIREMENTS:

+I#D,+S #T - . 2000 . / . M

3is(a S"(dio #e" 2002 !"erprise di"io!

3is(a S"(dio ASP#e" +eb Ma"ri4

I!"er!e" I!%or&a"io! Server 50

3is(a S"(dio #e" Fra&e$ork 'Mi!i&a %or Depo&e!")

4


5/12

1) STUDY OF THE SYSTEM

The complete system can be divided into four major parts on basis

of their working.

A)Profile Management.

B)User & Group Management.

C)Application Administration

D)System Administration

Profile Management:

With profile management a user logged into the system

can manage his profile in terms of his personal details. Only the

user logged in can view his profile only. The user can make changes

to his/her profile and update with the database.

5


6/12

Profile creation is a part of User & group management

where new users are created.

User & Group Management:

User & Group management involves creating new users

making changes to the available user. It is the place where new

profiles are created. Once a user is created the system should

provide privileges or rights on a application or set of applications

which are configured with this security system. A user can be

places under any group where are groups can be created with the

groups section of the application. By default available groups are

Administrator, User, and Manager. Which is SQL server defined

group levels. Using the goups section new groups can be created with in

the system. The newly created groups should be subgroup to an

SQL server defined group.

Application Administration:

An administrator includes the tasks of Configuring an

application with the security system. You can include new

application as well as update or delete the available applications.

6


7/12

The process includes providing the name, description and the

location of an application to be configured.

System Administration:

System administrator can again be divided into 4 parts.

1)Levels

2)Mail

3)Parameters

4)Clear Log

Levels:

It includes managing levels with respect to the application and goup

based access a single project can be placed under two different

levels with two different groups. With this option the available levels

can be managed by creating new levels , updating the application

from one level to another level as well as deleing the application

from a level.

Mail:

Configuring of mail includes notifying the application with a

notice regarding the different activities occurred with in the access

7


8/12

levels of the application. The TO part of the application can be

configures using the config file which is part of the application.

Parameters:

It includes the password management and notification to the

user on expiry of the account. The different parameters that can be

set are Acct expired, Acct Halted etc. The parameters set using this

option will be used by the mail notifies to notify the user with the

current status of the access levels. The text provides the necessary

brief description to the mails message section.

Clear Log:

This part of an application can be used to clear the log which

application was maintaining when different applications wereseeking the security under the shade of SQL Server Security

Analyzer. With this option the logs can be cleared.

8


9/12

9


10/12

My Profile

10


11/12

Users:

11


12/12

12

Documents

Access Control System(Synopsis)