Академический Документы
Профессиональный Документы
Культура Документы
Specification
For
Prepared by:
Awantha S.A.T
Darshana S.A.T.
Kumara M.D.B.J.B.
Sandakalum H.K.L.S.
26thOctober2006
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
TableofContents
TableofContents...........................................................................................................................ii
1. Introduction..............................................................................................................................1
1.1
1.2
1.3
1.4
Purpose.......................................................................................................................................1
DocumentConventions..............................................................................................................1
IntendedAudienceandReadingSuggestions.............................................................................1
ProjectScope..............................................................................................................................1
2.1
2.2
2.3
2.4
2.5
2.6
2.7
ProductPerspective....................................................................................................................2
ProductFeatures.........................................................................................................................2
UserClassesandCharacteristics................................................................................................3
OperatingEnvironment..............................................................................................................3
DesignandImplementationConstraints.....................................................................................4
UserDocumentation...................................................................................................................4
AssumptionsandDependencies.................................................................................................4
2. OverallDescription..................................................................................................................2
3. SystemFeatures.......................................................................................................................4
3.1
Authenticationusingusersmobilephone..................................................................................4
3.1.1 DescriptionandPriority.........................................................................................................4
3.1.2 Stimulus/ResponseSequences...............................................................................................5
3.1.3 FunctionalRequirements........................................................................................................5
3.2
Alternativeauthenticationmechanismforspecialconditions.....................................................5
3.2.1 DescriptionandPriority.........................................................................................................5
3.2.2 Stimulus/ResponseSequences...............................................................................................5
3.2.3FunctionalRequirements..........................................................................................................5
3.3
Identifyingthedirectionoftheauthenticateduser......................................................................6
3.3.1 DescriptionandPriority.........................................................................................................6
3.3.2 Stimulus/ResponseSequences...............................................................................................6
3.3.3 FunctionalRequirements........................................................................................................6
3.4
Automaticauthorizationtotheresources...................................................................................6
3.4.1 DescriptionandPriority.........................................................................................................6
3.4.2 Stimulus/ResponseSequences...............................................................................................6
3.4.3 FunctionalRequirements........................................................................................................7
3.5
Identifyingthelocationoftheuser.............................................................................................7
3.5.1 DescriptionandPriority.........................................................................................................7
3.5.2 Stimulus/ResponseSequences...............................................................................................7
3.5.3 FunctionalRequirements........................................................................................................7
3.6
Trackingtheusersspecificactivitiessuchasenteringandleavingtime...................................7
3.6.1 DescriptionandPriority.........................................................................................................7
3.6.2 Stimulus/ResponseSequences...............................................................................................7
3.6.3 FunctionalRequirements........................................................................................................7
4. ExternalInterfaceRequirements...........................................................................................8
4.1
4.2
4.3
UserInterfaces............................................................................................................................8
HardwareInterfaces...................................................................................................................8
SoftwareandcommunicationInterfaces.....................................................................................8
5.1
5.2
5.3
5.4
PerformanceRequirements.........................................................................................................9
SafetyRequirements...................................................................................................................9
SecurityRequirements..............................................................................................................10
SoftwareQualityAttributes......................................................................................................10
5. OtherNonfunctionalRequirements.......................................................................................9
AppendixA:Glossary..................................................................................................................11
Abbreviations........................................................................................................................................11
DepartmentofComputerScience&Engineering
UniversityofMoratuwa.
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
1.
Introduction
1.1
Purpose
This document, the software requirement specification for the project Mobile Based Security
System is intended to specify the whole requirements relevant to the project. This includes all
the functional & non-functional requirements within the scope which is going to be
implemented. Apart from that this specifies major software and hardware features of the
system.
Software Requirements Specification acts as the basis agreement between the relevant
customer and the project development team. This also causes to reduce the effort needed by
the development team while giving best estimation capabilities.
1.2
DocumentConventions
Names of main sections have been inserted in bold letters.
All abbreviations and acronyms are defined in Appendix A.
New phrases are in italic letters.
1.3
IntendedAudienceandReadingSuggestions
The indented audience of this document is spread in various areas. This project is mainly
focusing on commercial organizations that need security system with some sort of enhanced
features. For example banks, IT industries, educational organizations like universities and etc.
And also project supervisor and the department staff who are doing the project coordination,
project manager, project team leader, developers, documentation writers and quality assurance
people are the other intended audience of this project.
Sequence of reading this document is suggested as top to bottom beginning from the
introduction.
1.4
ProjectScope
Mobile phones based security system is a security system with some sort of user friendly
authentication capabilities with the use of a mobile phone basically. The main purposes behind
this project are to reduce some of the vulnerabilities in existing security systems, providing
user friendly authentication mechanisms (for organizations resources such as domains,
networks and so on) and location identification. This will be useful to business organizations
for keeping confidential information as confidentially. For example the strategies, stability,
configurations and etc are can be considered as some of the confidential information. And it
can also provide some management capabilities as well.
The project is carried out within two phases.
Phase 1: Main entrance authentication and resource management.
DepartmentofComputerScience&Engineering
UniversityofMoratuwa.
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
2.
OverallDescription
2.1
ProductPerspective
Even though the product which is going to be implemented is a new product it can be used as
a enhancing solution for a existing system. Most common security systems at present are
swipe cards, finger print identifications, face recognitions, RFID and etc. Since MPBSS is
consist of automatic authentication and location identification, it is possible to replace or
improve the above mentioned security systems using the mechanisms which are using in this
system implementation.
The following diagram illustrates high level prototype of the system.
BlueTooth Adaptors
AD
AD
Main Entrance
Sub Entrance
Main Server
BlueTooth Adaptors
Department x
DepartmentofComputerScience&Engineering
UniversityofMoratuwa.
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
2.2
ProductFeatures
2.3
UserClassesandCharacteristics
Under the features specifying in the system it is possible to divide the users into several classes
as follows.
Note: Assume that all the users have mobile phone except if not especially mentioned
Administrator
The system administrator which administrates the resources of the organization
has all the privileges mentioned under 2.2 product features.
Normal users
The people who uses the organization resources such as computers, networks
and other peripherals. This class of users has all the privileges except the
administrative privileges.
Normal users without a mobile phone
Even though this kind of users has the same privileges as the normal users he
or she will be authenticated through another step. Location based identification
is not possible under this class of users.
Minor staff
This class of users includes people like peons, cleaning staff, maintaining staff,
security and so on. This class of users has the privileges to authentication but
not automatic authorization privileges.
Visitors
These are the people external to the particular organization. They have
privileges only to authenticate to the organization.
2.4
OperatingEnvironment
The system consists of two operating environments, client side and server side. Client side is
run on a mobile phone environment while the server side is running on a LDAP server. The
communication between the mobile client and the server is handling via bluetooth technology.
DepartmentofComputerScience&Engineering
UniversityofMoratuwa.
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
2.5
DesignandImplementationConstraints
Most of the nowadays phones contains the java platform and some of have windows platform.
Therefore the system may have a constraint of platform dependency. Since the client side is
operating on a mobile phone there are constraints on memory and the processing power of the
mobile phone. Apart from those things communication time is also a main constraint for the
system. Since the development is carried out under the Bluetooth and LDAP protocols
this system has those communication protocols constraints.
2.6
UserDocumentation
Project website will be published with all the details regarding the project. It allows users to
login to their profiles, get online help and some extra features as well. An organization which
is going to use this system will be provided a user manual apart from the online help provided
through the project web site.
2.7
AssumptionsandDependencies
3.
SystemFeatures
3.1
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
upapplicationinhis/hermobilephone.Thisfeaturehasthehighestpriorityinthe
system.
3.1.2 Stimulus/Response Sequences
Two bluetooth adapters which are attached on either sides of the entrance are
searching for bluetooth enabled phones which are inside the effective signal area.
User comes near to the entrance.
Bluetooth adapters detect the phone and send a signal requesting the username
which is a unique id of the phone (IMEI number, SIM number or phone number).
Then mobile phone starts the MPBSS application on the mobile phone and
responds to the request automatically.
System checks the username with the system database by mapping. If it mapped
request a password from the user. Otherwise send a invalid user notification.
If the password is correct, authenticate the user with success notification message
while updating the system database and open the door. If not request the password
again no more than thrice. If the user fails every time system sends an invalid user
notification message.
3.2
Alternativeauthenticationmechanismforspecialconditions
3.2.1
DescriptionandPriority
When some user forgot to bring his mobile phone on a particular day, the system
offers an alternative solution on that kind of occasions. The system provides special
user interface to input username and password to the system. He/she also has to
face some extra steps to authenticate. This feature has lower priority than the
earlier feature (3.1).
3.2.2 Stimulus/ResponseSequences
User enters username and password to special interface.
If username and the password are accepted by the system, the user has to go
through some extra steps (such as answering a security question) to enter to the
premise.
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
3.3
3.4
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
3.5
FunctionalRequirements
REQ-1: Identify the location of a particular user.
REQ-2: Providing some user controlling, base on the location.
3.6 Trackingtheusersspecificactivitiessuchasenteringandleaving
time
3.6.1
DescriptionandPriority
In an organization, keeping staffs behavioral information such as arriving and
leaving time is very useful to the management and higher level people. For example
when some organization policy violation has occurred it can be tracked through
this kind of information.
3.6.2 Stimulus/ResponseSequences
Keep daily logs of the database.
Refer the logs and current database when this kind of information is needed.
DepartmentofComputerScience&Engineering
UniversityofMoratuwa.
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
3.6.3
FunctionalRequirements
REQ-1: Provide support for management activities.
4.
ExternalInterfaceRequirements
4.1
UserInterfaces
The system contains several interfaces which the user can interact with. These interfaces are
depending on the role of the user. These interfaces can be classified as follows.
User interface in a mobile phone.
This facilitates the user to interact with the system through a mobile phone. For
that the user must have installed the mobile application which is a part of the
system. If not the user unable to identify even there is such kind of security
system in the organization. The communication between the mobile phone and
the bluetooth devices are through this application via bluetooth technology.
Every detail such as username, passwords, error messages and other
notifications are received or initialized through this interface.
System admin interface.
This is the core of the system which is handled by the system administrator.
This facilitates adding and removing users to the system, updating the user
profiles, communication with users mobile phone, mapping the users, updating
and retrieving data from the databases,
Web interface.
Web interface provides general description about the system with the user login
facility to the system to do things like profile updating. This also provides help
and guidance to the users.
4.2
HardwareInterfaces
The system consists of several hardware interfaces such as Mobile phone, bluetooth adapters,
server, network peripherals and door with a automated lock. Mobile phone and bluetooth
adapters communicate via bluetooth technology to transfer useful information among them.
Not only bluetooth adapters communicate with the users mobile phone, it also communicates
with the system server. This communication is the one who handles most of the security issues.
All the users have to go through the system server to access the organization resources such as
networks.
4.3
SoftwareandcommunicationInterfaces
When looking at the software interfaces, it can be mentioned that there are so many.
Linux and Windows operating systems
DepartmentofComputerScience&Engineering
UniversityofMoratuwa.
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
Windows operating system is using in the system server while Linux OS is used
with LDAP.
Mobile application developing tools.
LDAP
This is used to domain authentication purposes.
Communication through bluetooth protocol.
Communication between the phone and the adapter is done via bluetooth
technology.
Wired communication
Wired communication is used all over the places except between the phone and
the adapters.
Web interface
Web interface is based on Microsoft Internet Explorer.
5.
OtherNonfunctionalRequirements
5.1
PerformanceRequirements
Mobile phone application occupies less memory with high performance.
Since mobile phones are having limited memory capacity and not much higher
processing power, the application should have above features.
Less battery power consumption for bluetooth communication.
The user has to enable bluetooth within the premise all the time. But it
consumes battery power of the phone. So this can be a problem for the users.
To avoid this problem, the communication should use optimal power
consumption.
Servers have high performance with low latency.
It is needed to give responses to the requests without a delay.
Real time and reliable communication.
5.2
SafetyRequirements
Bluetooth communication and devices should be proper and not vastly depends on
environmental factors.
If the communication is vastly depends on factors like environment condition,
noise, the communication may be not proper and reliable.
High availability.
System should correctly handle in high load circumstances.
Adhere to the organizational policies.
The system should follow the common organizational policies.
DepartmentofComputerScience&Engineering
UniversityofMoratuwa.
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
5.3
Page
SecurityRequirements
Secure communication.
All the communication information should be encrypted to achieve
confidentiality.
Prevent illegal access to databases.
Since all the information is stored in databases, only administrator can see those
data.
Prevent alienate of highly secured information.
Reduce the ability of alienation of highly secured data such as login details to
remove vulnerabilities.
System access through web is secure.
The system is accessible through web for limited purposes of users. But this
communication should be secure as well.
5.4
SoftwareQualityAttributes
Adaptability and flexibility
System should be easily changed according to the organization and its
environments.
Availability
High availability should be satisfied by the system to prevent illegal access to
the premise.
Correctness
Correctness should be there to provide facilities for legal persons only.
Interoperability
Separate operations should be identified as separate. And there can be parallel
operations like more than one users accessing from the entrance.
Maintainability
The system should develop in a way that it can be easily changed to satisfy
change of requirements.
reliability
Since this is a security product the reliability is a major requirement to achieve
security goals.
DepartmentofComputerScience&Engineering
UniversityofMoratuwa.
SoftwareRequirementsSpecificationforMobilePhoneBasedSecuritySystem
AppendixA:Glossary
Abbreviations
IT Information Technology
IMEI - International Mobile Equipment Identity
LDAP Lightweight Directory Access Protocol
SIM - Subscriber Identity Module
REQ Requirement
OS Operating System
RFID Radio Frequency Identification
MPBSS Mobile Phone Based Security System
DepartmentofComputerScience&Engineering
UniversityofMoratuwa.
Page