The document describes two projects completed as an intern at IDRBT. Project 1 involves building a desktop application using Java and OpenSSL libraries that allows users to perform public key cryptography tasks through a graphical user interface. It discusses functionality like key generation, encryption, signatures and certificates. Project 2 involves deploying the OX AppSuite over IDRBT's intranet and exploring its potential deployment over cloud systems. It provides installation instructions and highlights challenges of moving applications to the cloud.
The Codex of Business Writing Software for Real-World Solutions 2.pptx
IDRBT Project: Application Development in Java for public key cryptography
1. 0 | P a g e
BUILDING AN EASY TO USE APPLICATION FOR PUBLIC KEY
CRYPTOYSTEM USING OPENSSL LIBRARY
&
DEPLOYMENT OF OX APP SUITE OVER RED HAT SERVER SYSTEM FOR IDRBT
INTRANET AND CLOUD
Submitted To:
INSTITUTE OF DEVELOPMENT AND RESEARCH IN BANKING TECHNOLOGY
ROAD NO. 1, CASTLE HILLS, MASAB TANK,
HYDERABAD-500057
Project Guide:
By:
Dr.N.P.Dhavale Shivashish Kumar
Deputy General Manager, Part‐III,
IDRBT,Hyderabad Mathematics and Computing
IIT(BHU),Varanasi
PROJECT REPORT:
2. 1 | P a g e
Institute of Development and Research in Banking Technology
Road No. 1, Castle Hills, Masab Tank,
Hyderabad‐500057
CERTIFICATE
Mr. Shivashish Kumar, student of Integrated M.Tech course at IIT(BHU),Varanasi in the
Department of Applied Mathematics was assigned the projects 1.”Building an easy to use
application for public key cryptosystem using openSSl libraries” 2.”Installation of OX AppSuite
over red hat server system for IDRBT intranet and cloud” under the guidance of INFINET
department of IDRBT. During the course of the project he has undertaken a study of Public Key
Infrastructure (PKI), Java Libraries and Networking Systems.
This is to certify that he has successfully completed the projects assigned to him as an intern at
Institute for Development and Research in Banking Technology, Hyderabad from May 13, 2013
to July 12, 2013.
Dr. N.P.Dhavale
(Project Guide)
Deputy General Manager
IDRBT, Hyderabad
3. 2 | P a g e
ACKNOWLEDGEMENT
Summer project is a golden opportunity for learning and self‐development. I consider myself
very lucky and honored to have so many wonderful people lead me through in completion of
this project.
I would like to express my sincere gratitude to the Institute for Development and Research in
Banking Technology (IDRBT) and particularly Dr.N.P.Dhavale Sir, who was my guide during the
course of the project. . I would not hesitate to add that this short span of time in IDRBT has
added a different facet to my life as this is a unique organization being a combination of
academics, research, technology, communication services, crucial applications etc. and at the
same time performing roles as an arm of regulation, spread of technology, facilitator for
implementing technology in banking and non‐banking system.
I am really grateful to Dr.N.P.Dhavale Sir who in spite of being extraordinarily busy with his
duties, took time out to hear, guide and keep me on the correct path and allowing me to carry
out my industrial project work at the organization and extending during the training. He helped
all time when we needed and he gave right direction toward completion of project.
I am also thankful to Mahesh Sir,Srihari Sir and Anuradha Madam with whom I worked
throughout my stint at IDRBT and this project was possible only with their cooperation
I am thankful to the staff of INFINET department at IDRBT for helping me to get familiar with
the applications. They gave me a chance to study the application and its impact from different
perspective. I am also thankful to my college, for giving me this Opportunity to work in a high‐
end research institute like IDRBT.
Lastly I will like to thank my family and friends for their support and all others who made this
project successful either directly or indirectly
Shivashish Kumar
Project trainee
IDRBT, Hyderabad
4. 3 | P a g e
ABSTRACT
Project 1.”Building an easy to use application for public key cryptosystem using openSSl library”
The project is about an application for public key cryptosystem using OpenSSL library. It consists
of various functionality offered by the application, associated features, platforms used and
methodology followed by the application. The report also has class diagram and sequence
diagram to emphasize further about the application have actually been built and a way forward
to summarize the task to be done further for this.
Project 2.”Installation of OX AppSuite over red hat server system for IDRBT intranet and cloud”.
The Project is about deployment of OX App Suite over IDRBT intranet .It discusses about OX App
Suite, Its significance in IDRBT environment, and the stepwise instruction followed during the
course of the project for its deployment. It also highlights about the steps required for moving
to the cloud and the difficulties associated with it.
5. 4 | P a g e
TABLE OF CONTENT
Project I
1. Introduction................................................................................................................................ 7
2Project Description......................................................................................................................... 7-10
2.1Application Software........................................................................................................... 7
2.2 Cryptography..................................................................................................................... 7-8
2.3 Cryptography Terms…………………………………………………………………
2.4 openSSL ……………………………...............................................................................
9-10
10
3. Objective....................................................................................................................................... 10
4 Functionality...............................................................................................................................
5. Platform...................................................................................................................................
6. Overview………………………………………………………………………………………..
7. Requirements.................................................................................................................................
8. Significance…………………………………………………………………………………
9. Methodology……………………………………………………………………………………
9.1 Sequence Diagram………………………………………………………………………..
9.2 Operating Instructions……………………………………………………………………
9.3 Class Diagram……………………………………………………………………………
10/Features………………………………………………………………………………………….
11. Way Forward……………………………………………………………………………………
Summary……………………………………………………………………………………………
References…………………………………………………………………………………………..
11
11
11-12
12
13
14-28
14
15-20
21-28
29-30
30
31
32
6. 5 | P a g e
Project II
1. Introduction................................................................................................................................ 34
2 Objectives.................................................................................................................................. 34
3. Definitions................................................................................................................................ 34-35
4 Platform………………………................................................................................................ 35
5. Requirements…………………………………………………………………………………
6. OX App Suite at
IDRBT……………………………………………………………………….
7. Installation and deployment…………………………………………………………………
5.1 OX App Suite over Intranet............................................................................................
5.2 OX App Suite over Cloud ………………........................................................................
Summary........................................................................................................................................
.
35
36
36-39
36-38
39
40
References...................................................................................................................................... 41
7. 6 | P a g e
PROJECT 1
BUILDING AN EASY TO USE APPLICATION FOR PUBLIC KEY
CRYPTOSYSTEM USING OPENSSL LIBRARY
8. 7 | P a g e
1. INTRODUCTION
This project mainly concentrates about developing a Java based application which will let the
user perform different cryptographic instruction in GUI (Graphic user Interface) mode. The
developed application is a desktop application which on receiving various cryptographic
requests from the user will process and execute them accordingly. All the digital features of
Public key Infrastructure like key generation, certificates, message digest, encryption and
signatures have been combined with the application itself to make it a standalone application
2. Project Description
2.1 Application software is all the computer software that causes a computer to
perform useful tasks beyond the running of the computer itself. A specific instance of such
software is called a software application or easy to use application
2.2Cryptography
Cryptography or cryptology is the practice and study of techniques for secure communication
in the presence of third parties
In modern era, there are 2 ways of cryptography:
1. Symmetric key cryptography
2. Public key cryptography
Symmetric‐key cryptography refers to encryption methods in which both the sender and
receiver share the same key. This method have historically been susceptible to known‐plaintext
attacks, chosen plaintext attacks, differential cryptanalysis and linear cryptanalysis.
Public‐key cryptography refers to a cryptographic system requiring two separate keys, one of
which is secret and one of which is public. Although different, the two parts of the key pair are
mathematically linked. One key locks or encrypts the plaintext, and the other unlocks or
decrypts the cipher text.
There are two main uses for public‐key cryptography:
Public‐key encryption, in which a message is encrypted with a recipient's public key. The
message cannot be decrypted by anyone who does not possess the matching secret key,
9. 8 | P a g e
who is thus presumed to be the owner of that key and the person associated with the
public key. This is used in an attempt to ensure confidentiality.
Digital signatures, in which a message is signed with the sender's secret key and can be
verified by anyone who has access to the sender's public key. This ensures that the message
has not been tampered, as any manipulation of the message will result in changes to the
encoded message digest, which otherwise remains unchanged between the sender and
receiver.
This entire process of using public‐ key cryptography is public key cryptosystem
I image source gdp.globus.org
A public‐key infrastructure (PKI) is a set of hardware, software, people, policies, and
procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
In cryptography, a PKI is an arrangement that binds public keys with respective user identities
by means of a certificate authority (CA). The user identity must be unique within each CA
domain.
Image source: ei4africa.eu
Fig 2: PKI System
Fig 1: Public key cryptography
10. 9 | P a g e
2.3Cryptography Terms:
2.3.1 Symmetric Key: Key that is used with the operations of a symmetric encryption scheme is
the symmetric key
2.3.2 Digital Certificate: In cryptography, a public key certificate or digital certificate is an
electronic document that uses a digital signature to bind a public key with an identity —
information such as the name of a person or an organization, their address, and so forth.
2.3.3 Key Pair: Every digital certificate has a pair of associated cryptographic keys. This pair of
keys consists of a private key and a public key. A public key is part of the owner's digital
certificate and is available for anyone to use. A private key, however, is protected by and
available only to the owner of the key.
2.3.4 Root Certificate: A root certificate is either an unsigned public key certificate or a self‐
signed certificate that identifies the Root Certificate Authority (CA).
2.3.5 Certification Authority (CA): It is an entity that issues digital certificates
2.3.6Certification request: a certificate signing request (also CSR or certification request) is a
message sent from an applicant to a certificate authority in order to apply for a digital
certificate
2.3.7 Certificate signing: A CA issues digital certificates that contain a public key and the
identity of the owner. A CA's obligation in such schemes is to verify an applicant's credentials,
so that users and relying parties can trust the information in the CA's certificates.
2.3.8 PKCS#12 Certificate: PKCS #12 defines an archive file format for storing many
cryptography objects as a single file. It is commonly used to bundle a private key with
its X.509 certificate or to bundle all the members of a chain of trust.
2.3.9 Digital Signature: It is a mathematical scheme for demonstrating the authenticity of a
digital message or document.
2.3.10 Message Digest: A cryptographic hash function is algorithm that takes an arbitrary block
of data and returns a fixed‐size bit string, the (cryptographic) hash value, the data to be
encoded are often called the "message," and the hash value is sometimes called the message
digest or simply digests.
2.3.11 Encryption is the process of encoding messages (or information) in such a way that
eavesdroppers or hackers cannot read it, but that authorized parties can.
11. 10 | P a g e
2.3.12 Decryption: The process of decoding data that has been encrypted into a secret format.
Decryption requires a secret key (private or symmetric)
2.3.13 Cipher: a cipher (or cypher) is an algorithm for performing encryption or decryption—a
series of well‐defined steps that can be followed as a procedure.
2.3.14 Base64 encoding: Base64 is a group of similar binary‐to‐text encoding schemes that
represent binary data in an ASCII string format by translating it into a radix‐64 representation.
2.3.15 Crypto Token: A security token (or sometimes a hardware token, authentication
token, USB token) may be a physical device that an authorized user of computer services is
given to ease authentication
2.4 OpenSSL is an open‐source implementation of the SSL and TLS protocols. The
core library, written in the C programming language, implements the
basic cryptographic functions and provides various utility functions.
3. Objective
3.1 User friendly application for secure transmission.
Basic aim is to develop a user friendly application so that user can securely transmit data or
information with limited knowledge about cryptographic algorithms. Any individual or
organization can rely on this application for confidentiality and authenticity of resources
3.2 Easy implementation of cryptographic function
Cryptographic libraries are based on command line tools and are difficult to be used. It
requires sequential instruction to be provided manually through DOS. This application will
make the use of crypto function (openSSL) easy through interface.
3.3 Combination of different functionalities
Application reduces the effort of executing commands one after another enabling user to view,
control, and manipulate multiple things simultaneously. Also application executes multiple
tasks to be performed in one step.
12. 11 | P a g e
4. Functionality
4.1 Generation of key pair and associated certificates including self‐signed root certificate.
4.2 Signature and verification of signature
4.3 Encryption and decryption
4.4 Combination of signature and encryption
5. Platform
5.1 Java using swing and awt packages
5.2 OpenSSL crypto libraries
5.3 Support for FIPS 140 label 2*
complying crypto tokens.
6. Overview
The application has been developed in Java using different packages and libraries. Application
has nine buttons in its homepage where each of the button performs a specific task it has been
assigned with. With the click of the user, application executes the request for further
processing. With each of the request, application asks for the input file and processes them
using openSSL instructions to execute the output
* -> security standards
Fig 3: screenshot of application’s home page
13. 12 | P a g e
Buttons
6.1 Generate Key: This button generates private, public or key‐pair with specific number of bits
and secure it with passphrase (if provided) using RSA algorithm
6.2 Generate Certificate: It provides the option to generate certificate request, to create a self‐
signed root certificate for the system/Server with the mentioned validity period and name or to
sign a certificate request using root CA account
6.3 Export PKCS#12 Certificate: It exports the certificate in .pfx format so as to be imported to
the browser or other platforms.
6.4 Generate Digest: This button lets user create a digest for a given file, add digital signature
for a message or to verify a signature
6.5 Encrypt/Decrypt: Encrypts a particular file using cipher through passphrase and similarly
decrypts a file. It provides user with the option of base 64 encoding.
6.6 Generate Signature: This option lets user generate their digital signature for a message
through signing certificate.
6.7 Sign & Encrypt: This button will create a compressed file containing encrypted form of the
message along with the user’s signature, its certificate as well as the encrypted passphrase.
6.8 Verify Signature: This Command verifies the signature of the sender with the actual
message sent
6.9 Decrypt & Verify: It decrypts the message received as well as verifies the signature to
ensure authenticity of the message by selecting the files sent by the sender.
Default hashing algorithm: SHA1
Default Cipher: aes‐192‐cbc
7. Requirements
Java development kit(6.0 and above)
Microsoft Windows Operating system
7‐Zip
OpenSSL library (0.9.81 and above)
FIPS 140 label 2 crypto tokens
14. 13 | P a g e
8. Significance at IDRBT
8.1 Current Scenario
IDRBT CA uses an application build by TCS for public key infrastructure requirement including
signing certificates. It requires high end servers and huge database from oracle. Also IDRBT do
not have its own application to provide assistance to banks for PKI on demand
8.2 Drawback
Huge expenditure of money
Not complete utilization of huge resources due to small scale usage
8.3 Proposed System
The application developed during this project requires a minimal cost for its usage and
will work properly in a small level organization such as IDRBT CA. Expenditure of small
amount of money for ensuring security of the application will be the only cost and the
application to serve the same purpose.
Different banks run multiple level of application which requires security like structured
financial messaging system (SFMS), National electronic Fund Transfer (NEFT) which must
be secured. This application will let IDRBT provide banks with public key cryptography
facilities on their request for enabling PKI facilities in their application.
15. 14 | P a g e
9. Methodology
9.1 Sequence Diagram
Figure 4: work flow model
16. 15 | P a g e
9.2 Operating Instruction
9.2.1Generate Key
Click on generate key button from home page.
Another frame will open up where user will have to select the path where key is to be stored.
This is done using JFileChooser class of javax.swing package.
User will also have to provide specific number of bits and passphrase (optional)
User will finally select the choice to generate public key, private key or key pair. In case of key
pair, application will first generate private key and then will itself write public key in the same
file
9.2.2Generate Certificate
Click on Generate certificate button
An option frame will open up to select for one of the provided option.
Fig 5: Screenshot of key generation
Fig 6: Screenshot of certificate frame
17. 16 | P a g e
9.2.2.1 for certificate request, click on first button.
Another frame will open up asking user to provide with the instructions like validity and
certificate name.
After the instruction are provided, Certificate will be generated in .pem format
9.2.2.2 To generate self‐signed root CA account, user will need to click to second button.
Firstly, Root CA account have to be configured in the system by clicking on configure button. It
will create a folder with the entire CA configuration files so that root certificate and keys get
stored there
Root certificate name and validity period have to be provided to generate the certificate.
9.2.2.3 To sign a certificate using root account, third option will be selected were CA admin
will have to input its signing certificate
It will ask for the root password through pop up box and if correct will sign the certificate
The message box is displayed using JOptionPane class of the javax.swing package
Fig 7: Screenshot of certificate request
Fig 8: screenshot for Root Certificate
Fig 9: screenshot for certificate signing
18. 17 | P a g e
9.2.3 Export PKCS#12 certificate
User will have to select the certificate file to be exported using JFileChooser class and the name
of the certificate.
A click on export button will export the certificate in .pfx format in the selected location
9.2.4 Generate Digest
Click on Generate Digest Button
Another frame will open up asking user to input the message file .Also user will have the option
to select the digest method from the dropdown menu (Optional)
Digest of the method will be created in the same directory as inputfile_out.extension file
Fig 10: screenshot for PKCS#12 export
Fig 11: screenshot for file selection
Fig 12: screenshot for generating digest
19. 18 | P a g e
9.2.5 Encrypt/Decrypt*
User will click on the Encrypt/Decrypt button and then encrypt or decrypt option
Another Frame will open up asking user to provide the message file and passphrase (symmetric
key) to be selected in GUI mode using JFileChooser class
User can also select base 64 encoding option and cipher (optional).
In case of encryption, it will then encrypt the file as inputfile_enc.extension in the same
directory and similarly for decryption, it will decrypt the file as inputfile_dec.extension in same
directory
9.2.6 Generate Signature
User will click on the Generate Signature Button
Another Frame will open up where users have to provide the input file for which signature has
to be done and the signing certificate
Application will extract the private key from the certificate in the backend and will then create
the signature for the file using default/selected hashing algorithm as inputfile_sign extension in
same directory
* ‐> based on symmetric key algorithm
Fig 13: screenshot for decryption*
Fig 14: screenshot for signature frame
20. 19 | P a g e
A pop up window will display providing user the option to compress the message file with
signature. If selected, a .zip file will be created with the required document in selected folder
9.2.7Verify Signature:
User will click on the verify Signature Button
In the next frame User will provide the sender’s certificate, signature file and the actual
message file.
Application will extract the public key from the certificate to create digest from signature and
then will check it with the digest of the message file
If both will be equal, message box will display with “verified OK” or else “verification failed”.
9.2.8 Sign & Encrypt
Fig 14: Screenshot for message box
Fig 15: Screenshot for verification
Fig 16: Screenshot for signature Fig 17: Screenshot for encryption
21. 20 | P a g e
Click on Sign & Encrypt button.
Another Frame will open up where user will provide the required instruction for signing
Application will generate the signature by executing the provided inputs.
Further inputs will be asked in another frame for encryption like receiver’s certificate and
passphrase.
Actual text file will then be encrypted using selected/default algorithm and the passphrase will
be encrypted using public key of the receiver.
All these required documents will now be zipped in a single file created at the desktop.
92.9 Decrypt & Verify
User Will Click on the Decrypt & verify button
Another frame will open up where user will have to select the compressed .zip file with the
entire required file.
Application will uncompressed the file and extract all the required documents.
It will then decrypt the message file by first decrypting the symmetric key using the private key
of the receiver and then using that symmetric key to decrypt the actual message file.
Further, the digest of the actual message file is compared with the signature file to ensure the
authenticity of the message
Fig 18: Screenshot for message box
Fig 19: screenshot for decrypt & verify
22. 21 | P a g e
9.3 Class Diagrams
9.3.1Homepage
Figure 20: Default package
23. 22 | P a g e
9.3.2 Key Generation
Figure 21: test package
24. 23 | P a g e
9.3.3 Certificates
Fig 22: Certificate package
25. 24 | P a g e
9.3.4 Digest
Figure 23: Digest Package
26. 25 | P a g e
9.3.5 Encrypt/Decrypt
Figure 24: encrypt package
27. 26 | P a g e
9.3.6 Signature
9.3.7 Verify Signature
Figure 25: sign package
Figure 26: verify package
28. 27 | P a g e
9.3.8 Sign & Encrypt
Figure 27: signencrypt package
29. 28 | P a g e
9.3.9Decrypt & Verify
Figure 28: userdecrypt package
30. 29 | P a g e
10. Features
10.1 Enhanced Security
The application will ensures security of the keys by supporting crypto token reducing
considerably the chances of any of its misuse.Compatilibity has been maintained between
application and token so that keys and certificate generated will get stored in the token itself
and the application will prompt the selection of certificate from there only.
Image source: blog.cryptographyengineering.com
10.2Selection of Algorithm:
Facilitates the user to continue with the default ciphers and hashing algorithms or provide it
themselves to ensure further security. A user based on his knowledge can either select suitable
algorithms or can rely on the application to do it for them.
10.3 Attached Log file
An embedded Log File that is an excel file is associated with the application for complete
record of files with performed operation. An administrator or owner of the system/organization
Can always have a look regarding different operations and certificates used with the application
Fig 29: crypto tokens
Fig 30: Screenshot for log file
31. 30 | P a g e
10.4 Data Integrity
Access forces user to enter a value for a value in each column. User will not be able to leave
that field blank since a message will pop up to let a user know that they need to enter a value
for those fields
10.5 Use of passphrase
Application encourage the use of passphrase while generating keys/certificate which is always
advisable in cryptographic functions
11.Way Forward
11.1Complete reliance of the application with crypto token
Crypto tokens or USB tokens are the essential requirements for an public key cryptography
application to be complete. Application need to be completely relied on all sorts of USB tokens,
So that a user can feel safe and assured
11.2Attached User Directory
A user directory or help file with step by step instruction should be clipped with the application
for easy usage of application for the end‐user
11.3Deployment over IDRBT Intranet and cloud
Once the application is fully complete and tested, it can be installed in a server system as well
as to cloud to facilitate its usage for all the concerned staff
Fig31: Screenshot for message box for input path
32. 31 | P a g e
Summary
The application which was developed during the course of the project will have a tremendous
impact at the end‐user level. The application will let user transfer data and information digitally
in a much simplified way. At an organization like IDRBT, it will enable Public key infrastructure
usage in a concise and easy manner .The application reduces the trouble of relying over
multiple applications for different cryptographic function as it provides entire set of public key
cryptosystem functionality and also enhanced security through its in‐built support for crypto
tokens.
This project will also help IDRBT CA to cut off their expenditure as it provides a much easy and
simplified way of signing certificate and will also help associated banks and concerned services
for securely running their application.
Application also has enhanced security features and support for lot many ciphers and hashing
algorithms which will ensure that from a beginner to a professional user, it can be accessed by
anyone. Administrator privileges have been ensured to reduce the chances of any misuse of
application and certificates.
33. 32 | P a g e
References
Links
http://www.openssl.org/
http://www.madboa.com/geek/openssl/
http://viralpatel.net/blogs/how‐to‐execute‐command‐prompt‐command‐view‐output‐
java/
http://www.fortystones.com/event‐handlers‐java/
http://stackoverflow.com/questions/17341944/how‐to‐store‐a‐file‐in‐java‐which‐is‐
generated‐on‐execution‐of‐a‐exe‐file
http://idrbtca.org.in/
http://www.eclipse.org/
http://en.wikipedia.org/
http://www.homeport.org/~adam/crypto/
http://www.watchdata.com/en/bank/
PDF
www.cgi.com/cgi/pdf/cgi_whpr_35_pki_e.pdf
citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.127...pdf
WatchSAFE ND 3.4 Std‐Briefing of the support for CryptAPI2.0.pdf
WatchSAFE ND 3.4 Std‐Briefing of the support for PKCS.pdf
java_2_complete_reference_(5th_ed)Herbert_Schildt
34. 33 | P a g e
PROJECT 2
DEPLOYMENT OF OX APP SUITE OVER RED HAT SEVER SYSTEM
FOR IDRBT INTRANET AND CLOUD
image source:www.ox.io
Fig 32: OX App Suite Model
35. 34 | P a g e
1. INTRODUCTION
OX App Suite provides a centralized cloud environment in which users can access email,
contacts, and calendar or address book without flipping back and forth between applications.
OX App Suite let user control all their digital activities from a single platform including managing
appointments, viewing and storing attachments.
To facilitates its usage for the IDRBT employees, it need to be installed over the network
through a server system and further over the cloud
2.Objective
Resolving compatilibity issues of OX AppSuite with private cloud
Deployment of OX app suite over Intranet
Configuration of the mail server and testing other functionality of the application
Study of IDRBT cloud and its feature and deployment of OX App Suite over meghdoot
stack( IDRBT Cloud)
3.Terminology
3.1 OX APP Suite: A centralized cloud environment that lets your users manage their digital
lives.
3.2 Red Hat Enterprise Network(RHEL): It is a commercially supported derivative of Fedora
tailored to meet the requirements of enterprise customers. It is a commercial product from Red
Hat which also sponsors Fedora as a community project
3.3 Apache Web Server : The Apache HTTP Server, commonly referred to as Apache is a web
server software program. Apache supports a variety of features, many implemented
as compiled modules which extend the core functionality
3.4 Open Exchange Server: Open‐Xchange Server is a partially open source project sponsored
by Open‐Xchange, Inc. It is used for developing collaboration software such as email and
calendars.
3.5 MySQL: MySQL is an open source relational database management system (RDBMS) that
runs as a server providing multi‐user access to a number of databases.
36. 35 | P a g e
3.6 Mail server: A mail server is a computer that serves as an electronic post office for email.
Mail exchanged across networks is passed between mail servers that run specially designed
software.
3.7 Intranet: An intranet is a computer network that uses Internet Protocol technology to share
information, operational systems, or computing services within an organization.
3.8 Cloud Computing: It is a colloquial expression used to describe a variety of
different computing concepts that involve a large number of computers that are connected
through a real‐time communication network.
3.9 Image: cloud users install operating‐system images and their application software on the
cloud infrastructure. In this model, the cloud user patches and maintains the operating systems
and the application software
3.10 Virtual Machine: A virtual machine (VM) is a software implemented abstraction of the
underlying hardware, which is presented to the application layer of the system. It is a software
implementation of a machine (i.e. a computer) that executes programs like a physical machine.
3.11 Security Group: A security group acts as a firewall that controls the traffic allowed to reach
one or more instances. When cloud administrator launches a VM it is assigned with one or
more security groups.
4.Platform
4.1 Red Hat Enterprise Linux(RHEL) OS/CentOS operating system
4.2 Apache Webserver
4.3 MySql
4.4 OXAppSuite
4.5 Open Exchange Server
5.Requirements
5.1 Windows/linux/mac Operating system
5.2 Idrbt Intranet
5.3 OX user account in the server system
37. 36 | P a g e
6.OX App Suite at IDRBT
6.1Governing Council Instructions
Directive from the governing council of IDRBT to test the application in our own environment to
look for the functionality it offers.
6.2Advantageous
Application will have tremendous effect on the day to day working of employees helping them
to store attachments, maintain appointment and contacts digitally
6.3 Security
Though this application can run over OX cloud but its deployment over intranet will ensure
security of the data as everything will be within the premises and better management
7. Installation and Deployment
7.1 OX App Suite over IDRBT Intranet
7.1.1Methodology
7.1.1.1RHEL Operating System
OX App Suite is supported only on Linux based Servers, so a Red Hat enterprise Linux operating
system is installed over Windows OS using Virtual box.
7.1.1.2Add Open‐Xchange Repository
Open‐Xchange maintains public available software repositories for different platforms, such as
RHEL. This repository was added to the RHEL installation to enable simple installation and
updates.
7.1.1.3 Updating repositories and installing packages
RHEL operating system was updated and following packages were downloaded using the
instruction:
38. 37 | P a g e
yum install mysql‐server open‐xchange open‐xchange‐authentication‐database
open‐xchange‐ajp open‐xchange‐cluster‐discovery‐static open‐xchange‐admin open‐xchange‐
appsuite
open‐xchange‐appsuite‐backend open‐xchange‐appsuite‐manifest
7.1.1.4Open‐Xchange configuration
Open Xchange database is initialized and a connection is established between the local server
and the database
7.1.1.5 Configuration of services
Apache webserver files are configured properly to access the groupware frontend.
Mod_proxy_ajp module was configured by creating a new Apache configuration file.
Default website settings were modified to display the Open‐Xchange Graphic User
interface(GUI)
7.1.1.6Adding services to run levels
The new services were installed and configured, but to make them start up on a server boot,
some run levels were added
$ chkconfig ‐‐level 345 mysqld on
$ chkconfig ‐‐level 345 httpd on
$ chkconfig ‐‐level 345 open‐xchange on
Fig 33: Screenshot for OX App Suite login
39. 38 | P a g e
7.1.1.7Creating contexts and users
After the whole setup is complete and we got a login screen when accessing the server with a
web browser, a context and default user account is created and various functionality of the
application is tested.
7.1.2 Result:
Open Xchange Application is running over the Intranet and can be accessed at IP
172.16.0.22.End user accounts were created and all the functionality were checked. Mail server
was configured and attachments were uploaded and stored using the account and were also
viewed digitally. Multiple numbers of accounts were created with different set of data and log
out and deletions of account feature were also tested.
Fig 34: Screenshot for App Suite User Home page
40. 39 | P a g e
7.2 OX app suite over Cloud*
7.2.1Methodology
OX App Suite is supported only on Linux based operating system, so a centos/red hat
image need to be created in the private cloud
Once the image is created ,application need to be deployed over the virtual machine
with described image
A new security group will be created with all authorized systems(who have the access
right to OX App Suite) and the defined virtual machine will be made accessible to it
7.2.2 Advantages
Better management of accounts with effective performance and maximum coverage.
Scalability and sustainability
Effective performance and coverage
All time support irrespective of server system
7.2.3 Technical difficulty
As of now, there is no virtual machine with Linux based image in the cloud. So an image needs
to be created in the cloud. It requires a virtual drive of the OS which is not available in the
organization.
*‐> IDRBT private cloud
41. 40 | P a g e
Summary
OX App Suite is a cloud based application which manages the digital life of the user through a
single platform. The deployment of the application requires execution of some
technical/nontechnical step which was performed and effectively we have OX App Suite
running over the Intranet. It will have to be maintained by the administrator of the server
system and a user over IDRBT network can utilize its features
Application need to be moved to the private cloud of IDRBT which is very essential for
performance and security purposes and working for this have been started already. There are
some technical difficulties but once it will be solved application can be moved to the easily to
the cloud by performing the steps.
42. 41 | P a g e
References
http://oxpedia.org/wiki/index.php?title=AppSuite:Open‐
Xchange_Installation_Guide_for_RHEL6
https://www.ox.io/
http://www.redhat.com/products/enterprise‐linux/
http://www.mysql.com/
https://en.wikipedia.org
http://httpd.apache.org/
http://www.rackspace.com/knowledge_center/article/creating‐a‐new‐cloud‐server‐
cloning‐from‐a‐saved‐image
http://stackoverflow.com/
http://www.south.cattelecom.com/Technologies/CloudComputing/0071626948_chap0
1.pdf