Software Requirements

Specification
for

Inter Bank Fund Transfer in

Distributed network

Version 1.0 approved

Prepared by Anurag Banerjee

BE/10069/2014

Birla Institute of Technology, Mesra.

12 August, 2016.

Copyright1999byKarlE.Wiegers.Permissionisgrantedtouse,modify,anddistributethisdocument.
SoftwareRequirementsSpecificationforInterBankFundTransferinDistributedNetwork Pageii

TableofContents
Table of Contents...........................................................................................................................ii
Revision History.............................................................................................................................ii
1. Introduction..............................................................................................................................1
1.1 Purpose...........................................................................................................................................1
1.2 Document Conventions....................................................................................................................1
1.3 Intended Audience and Reading Suggestions...................................................................................1
1.4 Product Scope.................................................................................................................................1
1.5 References.......................................................................................................................................1
2. Overall Description..................................................................................................................2
2.1 Product Perspective.........................................................................................................................2
2.2 Product Functions...........................................................................................................................2
2.3 User Classes and Characteristics.....................................................................................................2
2.4 Operating Environment...................................................................................................................2
2.5 Design and Implementation Constraints..........................................................................................2
2.6 User Documentation........................................................................................................................2
2.7 Assumptions and Dependencies.......................................................................................................3
3. External Interface Requirements............................................................................................3
3.1 User Interfaces................................................................................................................................3
3.2 Hardware Interfaces........................................................................................................................3
3.3 Software Interfaces.........................................................................................................................3
3.4 Communications Interfaces.............................................................................................................3
4. System Features........................................................................................................................4
4.1 System Feature 1.............................................................................................................................4
4.2 System Feature 2 (and so on)..........................................................................................................4
5. Other Nonfunctional Requirements.......................................................................................4
5.1 Performance Requirements..............................................................................................................4
5.2 Safety Requirements........................................................................................................................5
5.3 Security Requirements.....................................................................................................................5
5.4 Software Quality Attributes.............................................................................................................5
5.5 Business Rules................................................................................................................................5
6. Other Requirements.................................................................................................................5
Appendix A: Glossary....................................................................................................................5
Appendix B: Analysis Models.......................................................................................................5
Appendix C: To Be Determined List............................................................................................6

RevisionHistory
Name Date Reason For Changes Version
SoftwareRequirementsSpecificationforInterBankFundTransferinDistributedNetwork Page1

1. Introduction

1.1 Purpose
Lack of encryption between banks and regional processors present serious risks to the system as
transmissions may be intercepted and modified or even deleted. Attackers may subsequently divert,
redirect, or cancel funds transfers. Therefore, the software provides a messaging network that
financial institutions use to securely transmit information and instructions through a standardized
system of codes.

1.2 Document Conventions

The headings and subheadings are in bold and are in Times new Roman font of size 18 and 14
respectively. The paragraphs are also in Times New Roman font and are of size 12.

1.3 Intended Audience and Reading Suggestions

The robustness of the software design allows huge scalability to provide services to the following:

Banks
Brokerage Institutions and Trading Houses
Securities Dealers
Asset Management Companies
Clearing Houses
Depositories
Exchanges
Corporate Business Houses
Treasury Market Participants and Service Providers
Foreign Exchange and Money Brokers

1.4 Product Scope

The software uses public key cryptography to ensure proper authentication.It enables ciphering
without leaking private key information. It deploys the public key scheme to modify the key escrow
mechanism to be used in SWIFT system offering the following features for the above stated
problems:

Each bank owns its own public key and private key, but different keys are used for the
authenticaton of different transactions, and these keys are unknown to SWIFT as before.

Provide bank-to-center authentication.

Provide link-by-link encryption from end-to-end.

1.5 References
1) https://en.wikipedia.org/wiki/Society_for_Worldwide_Interbank_Financial_Telecommuni
cation
SoftwareRequirementsSpecificationforInterBankFundTransferinDistributedNetwork Page2
2. Overall Description

2.1 Product Perspective

Prior to SWIFT, Telex was the only available means of message confirmation for international funds
transfer. Telex was hampered by low speed, security concerns, and a free message format--in other
words, Telex did not have a unified system of codes like SWIFT to name banks and describe
transactions.
To circumvent these problems, SWIFT system was formed in 1974. Seven major international banks
formed a cooperative society to operate a global network that would transfer financial messages in a
secure and timely manner.

2.2 Product Functions

The major functions performed by the software are:
To form a secure network for transmitting messages between financial institutions;
To define a set of syntax standards for financial messages (for transmission over the secure
network provided or any other network)
To provide a set of connection software and services allowing financial institutions to
transmit messages over the secure network.
SoftwareRequirementsSpecificationforInterBankFundTransferinDistributedNetwork Page3
2.3 User Classes and Characteristics
Financial institutions worldwide along with involvement of their employees and to a lesser extent
their customers and clients.

2.4 Operating Environment

The software is used in financial institutions by the employees of the institution. The hardware
requirement for this software are -
Processor - Pentium -III

Speed - 1.1 Ghz

RAM - 256 MB(min)

Hard Disk - 20 GB

Floppy Drive - 1.44 MB

Key Board - Standard Windows Keyboard

Mouse - Two or Three Button Mouse

Monitor - SVGA

The software requirements are -

Operating System: Windows 2000.

Technology: .NET/J2EE
Database: Oracle 8i

2.5 Design and Implementation Constraints

Secure network connection should exist between the two banks between which fund transfer is to
take place. Every employee of the banks should be provided with a login id and password to initiate
transactions so as to add extra security to prevent intrusion from outsiders.

2.6 User Documentation

The required support and documentations will be provided on:

https://www.swift.com/contact-us/support
SoftwareRequirementsSpecificationforInterBankFundTransferinDistributedNetwork Page4
2.7 Assumptions and Dependencies
The banks should have a stable internet connection (Wired connection preferably for more stability
and faster transactions) and also ensure that their internet connection is protected by firewall to
ensure greater security. The computers in which the software is installed should have some sort of
antimalware to prevent unidentified interceptions by attackers locally.

3. External Interface Requirements

3.1 User Interfaces

The home screen will have a login option for the bank employee. The next screen will require the
customer credentials. Options for transfer, update, transaction history, logout, help will be there in
the following screen. Apart from these there will be options for checking the details of an account.

3.2 Hardware Interfaces

A standard computer with the following hardware specifications is required:
Processor - Pentium -III

Speed - 1.1 Ghz

RAM - 256 MB(min)

Hard Disk - 20 GB

Floppy Drive - 1.44 MB

Key Board - Standard Windows Keyboard

Mouse - Two or Three Button Mouse

Monitor SVGA

In addition to the above routers/modems, splitters and wires are required for internet
connectivity.

3.3 Software Interfaces

Operating System: Windows 2000 (Documentation: https://msdn.microsoft.com/en-

us/library/bb742601.aspx)

Technology: .NET/J2EE (Documentation: http://docs.oracle.com/javaee/7/index.html)

Database: Oracle 8i (Documentation: http://www.oracle.com/pls/tahiti/homepage)
SoftwareRequirementsSpecificationforInterBankFundTransferinDistributedNetwork Page5
3.4 Communications Interfaces
The RSA cipher is used to deploy the public key scheme to modify the key escrow mechanism to be
used in system. Each bank owns its private key and public key, but different keys are used for
authentication of different transactions, and these keys are unknown to SWIFT. Each bank has a
securely stored private key and a public key. A SWIFT terminal generates a random number for every
message transmitted as the end-to-end authentication session key, and encrypts this key with the
receiver's public key. Using the same procedure to perform bank-to-center input sequence number
authentication, it enables an operating center to verify the authenticity of the input sequence number
from customer banks. The receiving bank to verify the output sequence number from the operating
center uses the same method. Let us name this as link-by-link authentication. Finally, link-by-link
encryption can be performed using a uniquely generated session key for message encryption and
encrypting the session key with the public key of the code at the other side of the link.

4. System Features

4.1 LogginginandAuthentication:

4.1.1 DescriptionandPriority:

ThesoftwareoffersaccesstoInternetatclientlevelandaccesstoserverresourcesat
serverlevelonlybyvalidatingtheuserwiththeuniqueusernameandpassword.It
hashighprioritytoensuresecurityoftheclients.

4.1.2 Stimulus/ResponseSequences:

The response/stimulus for the different classes of users are:

Users: Logging into their respective accounts.

Administrator: Adding new accounts, giving account status.

4.1.3 FunctionalRequirements:

All system should have the software with updated database. The server should identify
clients by their login credentials.
Input: User name and password, Account number
Output: Access to Internet, Available balance, Account Details.
SoftwareRequirementsSpecificationforInterBankFundTransferinDistributedNetwork Page6
4.2 TransferRequest:

4.2.1 DescriptionandPriority:

Thisisusedbytheusertocreateafundtransferrequestfromonebanktoanother
bankinadistributednetwork.Itprovidesthefacilitiestoinitiatethetransfer.

4.2.2 Stimulus/responsesequences:

The response/stimulus for the different classes of users are:

Users: Initiate how much fund is to be transferred from the bank and to which
bank the funds are to be transferred.

4.3 ViewAccountDetails:

4.3.1 DescriptionandPriority:

Thisisdesignedtohelptheusertoviewtheiraccountdetailslikeaccountbalance,
historyoffundtransactions,accountcredentialsetc.Italsoprovidesfacilitiestothe
usertochangeaccountloginpassword.

4.3.2 Stimulus/responsesequences:

The response/stimulus for the different classes of users are:

Users: See Account Details, change login password, view history of transactions
etc.

Administrator: Validate password change request from the user and implement it.

5. Other Nonfunctional Requirements

5.1 Performance Requirements

Higher speed internet connections in banks involved in a given transaction will ensure faster
transactions. Base speed of 2Mbps is expected for the establishment of a secure connection.
SoftwareRequirementsSpecificationforInterBankFundTransferinDistributedNetwork Page7
5.2 Safety Requirements
Everybody should not be able to use the software so the bank employees are provided with login
credentials for logging into the software. Every bank employee should not be able to access every
account so every customer/client is also provided with login credentials. When these two are
available, then a transaction can take place.

5.3 Security Requirements

For security the software uses RSA encryption giving a private and a public key to each bank. A
random number is generated for every transaction and then based on the session key and the public
key a checking operation is done. If the keys match, then connection is established.

5.4 Software Quality Attributes

The software is very easy to use and user friendly. When installed properly the software is expected
to operate in a foolproof manner. The software can be used by any financial institution provided they
are registered in the softwares database and have their public and private key. People who can use
computer applications should be able to handle the software to a considerable extent. The software
can be used as and when the firm requires. Using the software does not require any extra learning on
the employees or clients part.

5.5 Business Rules

In case of a mismanagement in transaction the assigned administrator in every bank has the capacity
to terminate the faulty transaction.

6. Other Requirements
The institutions using the software should assign administrators who will act like superusers and have
special privileges like creating accounts for new clients and bank employees, terminating faulty
transactions etc. The banks using the software for interbank fund transfer should have mutual
understanding between them and the software provider in case of any failures and should cooperate
to rectify the fault and close the loophole in the security of the system.