MULTIMEDIA

UNIVERSITY

CLIENT-SERVER COMPUTING TCS 3191 Client-Server Proposal for Maybank

LECTURER: DR. LEW SOOK LING

PREPARED BY

Name Abdul Fatah Mohamad Adrian O'neil Stephen Muhammad Idham Mokhter Mohd Aiman Abdul Halim Hazwan Burhanudin

Matrix Number 1111112567 1071117045 1091106010 1101110632 1091106280

1.0 Background of the company

Overview Maybank is among the top 5 banks in South East Asia with total assets of more than USD 150 billion. It has an international network of over 2,200 branches and offices in 20 countries, employing 46,000 employees who serve over 22 million customers. About Maybank was established in 1960, and today is the largest company by market capitalisation on the Malaysian Bourse (Bursa Malaysia). It is ranked first among listed Malaysian companies and among the top 500 companies in the Forbes Global 2000 leading companies of the world. The Maybank Group offers a comprehensive range of products and services that includes commercial banking, investment banking, Islamic banking, offshore banking, leasing and hire purchase, insurance, factoring, trustee services, asset management, stock broking, nominee services, venture capital and Internet banking. Maybanks mission is to humanise financial services across Asia, by providing access to financial services to the people at fair terms and pricing, and to be always at the heart of the community. Vision To be a regional financial services leader. Mission They want to humanize financial services across Asia by:
I. II. III. IV.

Providing the people with convenient access to financing Having fair terms and pricing Advising customers based and on their needs Being at the heart of community

Figure 1: Maybank Company

Maybank2U Homepage

2.0 The companys business operation.

I. Maybank operates consumer banking, business and corporate banking as well as private banking services, through a network of 401 branch offices and more than 2,900 automated teller machines in Malaysia. The company operates 22 branches in Singapore providing a full range of banking and financial products and services. Maybank, through Maybank Philippines Incorporated, has 55 branches in the Philippines and also has a banking presence in most of the other Southeast Asian markets, including Brunei, Papua New Guinea, Indonesia, Cambodia, Vietnam and Laos. The bank also operates branches in New York, London, Hong Kong and Bahrain. II. Beside its commercial banking network, Maybank operates a number of specialized subsidiaries in the insurance, investment banking and assets management, and finance sectors. The group's subsidiaries include Etiqa Insurance and Etiqa Takaful which provides conventional and Shariah-compliant insurance products respectively, and Maybank Investment Bank which is the Group's investment banking division following the acquisition of Mayban Discount and Mayban Securities. Maybank was the first Malaysian bank granted the right to establish a branch office in China. III. The companys website service are : a. Account Summary: Account Details, Today's Transaction, Transaction History (last 60 days) and M2U History ( Last 30 days) b. Cheque Services: Cheque status, stop cheque, request for cheque book c. Registered Bill Payment: Pay Over 500 bills and make future payments, enquire & cancel future payment. d. Fund transfer: Own Account, Favourite 3rd Party, Favourite Interbank GIRO, Favourite FTT, enquire & cancel future transfer e. Bills & Statement: CASA, Advices & Notices, Bills (TNB, Telekom, DiGi) f. Utilities: Change M2U Biz password g. Mobile banking (M2U mobile): Account Summary, Registered Bill Payment, Favourite Fund Transfer, View Forex & Deposit rates h. Online viewing of Foreign Currency Account (FCA) and Master Foreign Currency Account (MFCA).

3.0 Client Side

PLATFORM We propose to use Microsoft Windows and Unix based operating system as a platform for our system in normal browser. For mobile application, we propose to use Android and iOS (Apple) based operating system. APPLICATION Online electronic banking systems give everybody the opportunity for easy access to their banking activities. These banking activities may include retrieving an account balance, money transfers between a users accounts, from a users account to someone else account, and retrieving an account history. As technology evolves, different kinds of electronic banking systems

emerge, each bringing a new dimension to the interaction between clients and Maybank. The Automated Teller Machine (ATM) is the first well known system that was introduced to facilitate the access of the user to their banking activities. The user can perform some of the transactions mentioned above via a graphical user interface. These are transmitted to the banks computer system with which the device has established a communication link. The next propose is the introduction of phone banking, users can use the phone keypad to perform banking operations. The Internet offers a new alternative to the phone banking system. By means of a more sophisticated and user friendly interface, a browser or a dedicated standalone application, people can use the Internet to connect to the bank computer system. Electronic devices are constantly getting smaller, while their functionality is extending. Now, mobile phones even offer the possibility to perform electronic banking.

Example of normal browser for online banking

Example of mobile banking application

PROCESS Basic architecture of an Internet electronic banking system there are two participating entities which is the client and the bank. When the user has a PC with a network connection, the most common way to communicate with the Maybank is via a Web browser. The standard protocol for communication between the browser and the banks Web server is then used. It is often referred to as HTTPS, which is the HTTP protocol on top of a security layer HTTP is the communication language of the WWW.

To avoid the problem of distribution and installation of extra software on the clients computer, we propose to deploy an intermediate solution. An ordinary browser is used at the client side, but to increase the functionality, a Java applet is downloaded from the Maybank website. This applet is a relatively small piece of software code that runs within the users browser, and that will provide extra security functionality. A big advantage of this approach is that the applet technology allows the bank to easily maintain and update the client software. Clients will automatically download and use new versions of the software. Banks do not need to distribute new software in an old fashioned way.

CONFIGURATION We propose more security functionality than an ordinary browser is able to provide. This extra security functionality included strong cryptography by using HTTPS, due to the normal transfer protocol like HTTP traffic is very insecure and all data is transferred in clear text, the authentication User ID or Password will be transmitted as clear text as well. This creates a problem. Anyone can sniff these User ID or Password and gain access to server. To prevent this we have to encrypt HTTP traffic, essentially HTTP with Secure Socket Layer (SSL) or as known as HTTPS. Anything transferred over HTTPS is encrypted, so the user ID and Password cannot be easily deciphered. HTTPS runs on port 443.
Step to configure SSL

SSL (Secure Socket Layer) is a protocol layer that exists between the Network Layer and Application layer. There are three kinds of cryptographic techniques used in SSL which are Public-Private Key, Symmetric Key, and Digital Signature. 1. The client request content from the Web Server using HTTPS. 2. The web server responds with a Digital Certificate which includes the server's public key. 3. The client checks to see if the certificate has expired. 4. Then the client checks if the Certificate Authority that signed the certificate, is a trusted authority listed in the browser. This explains why we need to get a certificate from a trusted Certificate Authority. 5. If everything is successful the SSL connection is initiated.
Public-Private Key Cryptography

The Web server holds the private Key, and sends the Public key to the client in the Certificate.
Symmetric Cryptography

After the SSL connection has been established, Symmetric cryptography is used for encrypting data as it uses less CPU cycles. In symmetric cryptography the data can be encrypted and decrypted using the same key. The Key for symmetric cryptography is exchanged during the initiation process, using Public Key Cryptography.

Encryption Process

1. In this step the Original "Clear Text" message is encrypted using the Sender's Private Key, which results in Cipher Text 1. This ensures the Authenticity of the sender. 2. In this step the "CipherText 1" is encrypted using Receiver's Public Key resulting in "CipherText 2". This will ensure the Authenticity of the Receiver i.e. only the Receiver can decipher the Messsage using his Private Key. 3. Here the SHA1 Message Digest of the "Clear Text" is created. 4. SHA1 Message Digest is then encrypted using Sender's Private Key resulting in the Digital Signature of the "ClearText". This Digital Signature can be used by the receiver to ensure the Integrity of the message and authenticity of the Sender. 5. Step5: The "Digital Signature" and the "CipherText 2" are then send to the Receiver.

Decryption Process

1. In this step the "CipherText 2" message is decrypted using the Receiver's Private Key, which results in Cipher Text 1. 2. In this step the "CipherText 1" is decrypted using Sender's Public Key resulting in "ClearText". 3. Here the SHA1 Message Digest of the "Clear Text" is created. 4. The "Digital Signature" is then decrypted using Sender's Public Key, resulting the "SHA 1 MSG Digest". 5. The "SHA1 MsgDigest #1" is then compared against "SHA1 MsgDigest #2". If they are equal, the data was not modified during transmission, and the integrity of the Original "Clear Text" has been maintained
Test Certificates

While compiling Apache server we created a test certificate. We used the make file provided by mod_ssl to create this custom Certificate. We used the command:

SYSTEM AND HARDWARE REQUIREMENT Hardware Requirement: Intel Pentium 4 Processor or higher 120 GB hard disk or higher 1GB MB RAM. Monitor. Keyboard. Supported Browsers: 1. 2. 3. 4. Chrome Firefox Safari (not supported on Windows) Internet Explorer

Desktop: For Windows 1. 2. 3. 4. Windows Vista Windows XP Windows 7 Windows 8

For Mac 1. 2. 3. 4. Mavericks (10.9) Mountain Lion (10.8) Lion (10.7) Snow Leopard (10.6)

Mobile and tablet: For Android phones or tablets 1. Eclair and up (Android 2.1+) For iPhone or iPad 1. iOS 5.0+

4.0 Middleware side.

PLATFORM The most suitable platform to be used for banking portal such as MayBank shall be Service Oriented Architecture(SOA). The Service Oriented Architecture(SOA) is used to restrict the customer access for services only it is implement due to security purposes. Moreover, the purpose of SOA is to enable the function especially for large software applications that in this case, it is an online banking portal, which means there will be thousands of services provided. Service orientation is also platform independent and has support for stateless communication model. A stateless communication protocol treats each request independent transaction that is unrelated to any previous request that fit really well with the required specifications as middleware for online banking portal. APPLICATION Oracle database is known for any mission-critical commercial applications and online banking portal is considered as one. Oracle provides Flashback Database, Table , Query , and Transaction that fits really well with the needs of the entire framework . Since online banking portal database will be very heavy , so oracle will be preferred as the applications . And then to piece it all together , the application will be written in java as it is supported by Apache Struts web framework . Web applications differ from conventional websites that only deliver static pages . A website is a dynamic web application can react and interact with databases and business logic engines to customize client server response , and Apache Struts is a specialized solution for creating Java web applications . Moreover, by using java naturally allows the use of objectoriented architecture . Since java is , the tools that will be used will be java SDK using the command line and notepad to code . Alternative java IDE like Eclipse can be used as well, and in this case, the eclipse has native support for developing web applications ; apache struts included. STUB RPC allows the implementation of client / server distributed system that allow customers to connect to the remote server and request one of the services provided by the server. Both client and server stubs will be attached to the middleware, in a way; middleware acts as an important

part for the RPC happens. Since the environment will be java so it will invoke a call method and not the procedure call; it is also called all the Java RMI (Remote Method Invocation). Java RMI principle is similar to RPC which allows access to remote objects, allowing an extension of the local environment with using dynamic code loading. HARDWARE Middleware hardware is actually a software because it is usually doesn't need any specialized hardware. It is used to connect two application in this case the middleware is used to connect client and server and passes data among them. The middleware exists is in both of the client and server machine. It includes needed API for client to server and send request back to client from server.

PROCESS Since this is an online banking portal where security is critical, the process is done simultaneously which explains all the previous implementation. In RMI, when a method calls another, it must wait for the called method to return before it can do any other job. Middleware functions partly as a super-linker, finding a method that is called in the network and use network services to pass a parameter or a function to the procedure and then return back the results. CONFIGURATION The Banking Portal will run entirely on the Struts framework, so all applications are stored on the server side that includes web hosting will be placed inside the apache tomcat. Instead, customers will have access to using JavaServer Pages (JSP) that is stored on servers and linked by the Apache Struts framework. The middleware will play a role in use by customer demand, which acts as a temporary database for cases such as a monthly summary of the transaction as an example and change the relay, finally processed by the server back to the client JSP to be seen. Below shows a general framework Apache Struts framework.

The Struts Architecture

As seen in the diagram above, the middleware is generally the controller Servlet that are defined in the struts-config.xml file and the Business Logic that contains action scripts to invoke the model which is in the server.

Sample of struts-config.xml file

SN Interceptor & Description 1 struts-config This is the root node of the configuration file. form-beans This is where you map your ActionForm subclass to a name. You use this name as an alias for your ActionForm throughout the rest of the struts-config.xml file, and even on your JSP pages. global forwards This section maps a page on your webapp to a name. You can use this name to refer to the actual page. This avoids hardcoding URLs on your web pages. action-mappings This is where you declare form handlers and they are also known as action mappings. controller This section configures Struts internals and rarely used in practical situations.

4 5

As you can see, the HelloActionForm.java file is located in the server and the index.jsp is the clients request page. The middleware will take these information in the .xml and invoke the HelloWorldActionForm. java method in the server when index.jsp is accessed and then the string hello world will be relayed to the helloWorld.jsp from the .java file. on the clients browser, the index.jsp is now replaced with helloworld.jsp and the string hello world will appear on screen.

5.0 Server side.

PLATFORM For the server side, we propose for the server side to use Oracle engine as the base platform. For a banking portal, Oracle Server is a very stable, fast, extremely popular and affordable database engine. There is a tremendous amount of support and resources available on the web and from Information Technology (IT) providers. Plus, its relatively easy to work with.

APPLICATION For application, it is better to use Oracle because of its database capabilities. Oracles Application Server consists of an integrated, standards-based software platform. The Oracle Application Server configurations are designed to ensure security of all transactions, maximize hardware resources, and provide a reliable, standards-compliant system for enterprise computing with a variety of applications.

HARDWARE The specific hardware used for Server deployment can vary, depending on size and usage requirements. These are the recommended hardware for the server.

CPU

: 64-bit dual processor, hex-core, 2.26 gigahertz (GHz) or higher

Memory : 32 gigabytes (GB) Disk : 8 or more 10,000 RPM hard disk drives with at least 72 GB free disk space. Two of the disks should use RAID 1, and six should use RAID 10. Network: 1 dual-port network adapter, 1 Gbps or higher (2 recommended, which requires teaming with a single MAC address and single IP address)

PROCESS Oracle Database creates server processes to handle the requests of client processes connected to the instance. A client process always communicates with a database through a separate server process. Server processes created on behalf of a database application can perform one or more of the following tasks:

Parse and run SQL statements issued through the application, including creating and executing the query plan (see "Stages of SQL Processing") Execute PL/SQL code Read data blocks from data files into the database buffer cache (the DBW background process has the task of writing modified blocks back to disk) Return results in such a way that the application can process the information

Configuration

Since the server uses Oracle, the steps for configurations are: Basic Initialization Parameters Cloning Databases Using DBCA Database Usage Statistics

Basic Initialization Parameters The following parameter basic parameters that needs to be adjusted:
CLUSTER_DATABASE COMPATIBLE CONTROL_FILES DB_BLOCK_SIZE DB_CREATE_FILE_DEST DB_CREATE_ONLINE_LOG_DEST_n DB_DOMAIN

DB_NAME DB_RECOVERY_FILE_DEST DB_RECOVERY_FILE_DEST_SIZE DB_UNIQUE_NAME INSTANCE_NUMBER JOB_QUEUE_PROCESSES LOG_ARCHIVE_DEST_n LOG_ARCHIVE_DEST_STATE_n NLS_LANGUAGE NLS_TERRITORY OPEN_CURSORS PGA_AGGREGATE_TARGET PROCESSES REMOTE_LISTENER REMOTE_LOGIN_PASSWORDFILE ROLLBACK_SEGMENTS SESSIONS SGA_TARGET SHARED_SERVERS STAR_TRANSFORMATION_ENABLED UNDO_MANAGEMENT UNDO_TABLESPACE

Cloning Databases Using DBCA

After the above parameters have been adjusted, databases need to be cloned using DBCA: The "Template Management" section of the Database Configuration Assistant (DBCA) can be used to clone databases. The following method creates a clone of and existing database including both the structure and the data. Start the Database Configuration Assistant (DBCA). On the "Welcome" screen click the "Next" button. On the "Operations" screen select the "Manage Templates" option and click the "Next" button. On the "Template Management" screen select the "Create a database template" option and select the "From and existing database (structure as well as data)" sub-option then click the "Next" button. On the "Source database" screen select the relevant database instance and click the "Next" button. On the "Template properties" screen enter a suitable name and description for the template, confirm the location for the template files and click the "Next" button. On the "Location of database related files" screen choose either to maintain the file locations or to convert to OFA structure (recommended) and click the "Finish" button. On the "Confirmation" screen click the "OK" button. Wait while the Database Configuration Assistant progress screen gathers information about the source database, backs up the database and creates the template.

By default the template files are located in the "$ORACLE_HOME/assistants/dbca/templates" directory.

Database Usage Statistics

Database usage statistics helps us to monitor database usage statistics. : DBA_HIGH_WATER_MARK_STATISTICS - Displays high waternmark statistics (db_usage_hwm.sql). DBA_FEATURE_USAGE_STATISTICS - Displays database feature usage statistics (feature_usage.sql).

This information can be viewed in Enterprise Manager (Administration > Database Usage Statistics). The page gives you access to both types of usage statistics.

ARCHITECTURE For this assignment, we will use a dedicated server as its architecture. In dedicated server architecture, the server process created on behalf of each client process is called a dedicated server process (or shadow process). This server process is separate from the client process and acts only on its behalf.

Oracle Database Using Dedicated Server Processes

As seen on the figure above, a one-to-one ratio exists between the client processes and server processes. Even when the user is not dynamically making a database request, the dedicated server process remains, although it is inactive and can be paged out on some operating systems. The figure shows user and server processes running on networked computers. However, the dedicated server architecture is also used if the same computer runs both the client application and the database code but the host operating system could not maintain the separation of the two programs if they were run in a single process. Linux is an example of such an operating system. In the dedicated server architecture, the user and server processes communicate using different mechanisms: If the client process and the dedicated server process run on the same computer, then the program interface uses the host operating system's interprocess communication mechanism to perform its job.

If the client process and the dedicated server process run on different computers, then the program interface provides the communication mechanisms (such as the network software and Oracle Net Services) between the programs.

6.0 Sample Maybank banking clients request up to servers reply scenario

Automated Teller Machine (ATM)

As we all know, Maybank is a multinational company, which involve in banking industry. The company communicates with millions of client every day. Here author want to show some scenario involving client server communication using Automated Teller Machine (ATM).

Figure 1.1 : Automated Teller Machine (ATM) Scenario

Figure 1.1 shows the Automated Teller Machine (ATM)

Scenario. Client of Maybank

Company will use this Automated Teller Machine (ATM) as mechanism to connect to the server. This ATM will acts as client system interface. When client make the transaction with bank, this ATM will connect to the bank account server. In the server side, its contain Tele-processing monitor which control the transaction. Inside the account server also have the customer account database which will reply the client request to the client. The client will get the reply message through ATM machine.

Internet Banking System

Nowadays, Internet banking system is the most popular ways that people use when they make the transaction. This Internet banking is a system that allowing individuals to perform banking activities at home, via the Internet. Figure 1.2 below show the Internet banking scenario.

Figure 1.2 : Internet Banking System Scenario Figure 1.2 show the internet transaction processing which involving client server system architecture. Client will use their computer or what ever device that can connect to the bank URL website htttps://www.maybank2u.com.my. By using Secure Socket Layer (SSL), it will make the connection between client and server become more secure. After that, client will have the HTTPS interaction with the web server which contain account service provision. This web server will connect to database server using SQL query to have accessed to customer account database. This database server will reply the request make by client. Client will get the message after the server make HTTPS interaction back to the client.

SUMMARY
As in a nutshell, we manage to complete this proposal successfully by following all the requirements. For client side, operating system like windows and Unix become the major platform to the client side to view it in web browser. Client that normally use mobile phone to do the transaction, author has suggest that iOS and Android is the most suitable operating system. To connect to the web browser, Secure Socket Layer (SSL) is highly recommended. For middleware, we suggest that Maybank should use Service Oriented Architecture (SOA) which restrict customer access for service only it is implement due to security purposes. For the server side, author has proposed to user Oracle engine as the base platform. The main reason is because it is very fast, stable and extremely popular among the users. We got the opportunity learn deeper about the client/server environment for a client server system especially in banking industry called Maybank. Special thanks to our lecturer Ms. Lew Sook Ling who guided us for this assignment throughout this semester. Not to forget to all group members who have put all their efforts for this assignment.

REFERENCES:

1. The Struts Architecture :

http://www.onjava.com/pub/a/onjava/2005/11/02/what-is-struts.html?page=3
2. Sample Of struts-config.xml File :

http://www.tutorialspoint.com/struts_2/struts_configuration.htm 3.what is SSL:

http://www.digicert.com/ssl.htm

4.Inroduction Of Web Service: http://acs.lbl.gov/projects/gtg/projects/pyGridWare/doc/tutorial/html/x284.html