Khóa luận tốt nghiệp: Testament Management Service

VIETNAM NATIONAL UNIVERSITY HOCHIMINH CITYUNIVERSITY OF INFORMATION TECHNOLOGY ADVANCED PROGRAM IN INFORMATION SYSTEMS HÀ VĨNH PHÚC - PHAM HAO TIEP TESTAMENT MANAGEMENT SERVICE BACHELOR

VIETNAM NATIONAL UNIVERSITY HOCHIMINH CITY

UNIVERSITY OF INFORMATION TECHNOLOGY

ADVANCED PROGRAM IN INFORMATION SYSTEMS

HÀ VĨNH PHÚC - PHAM HAO TIEP

TESTAMENT MANAGEMENT SERVICE

BACHELOR OF ENGINEERING IN INFORMATION SYSTEMS

HO CHI MINH CITY, 2020

NATIONAL UNIVERSITY HOCHIMINH CITY

UNIVERSITY OF INFORMATION TECHNOLOGY

ADVANCED PROGRAM IN INFORMATION SYSTEMS

HA VINH PHUC-16520943 PHAM HAO TIEP-16521237

TESTAMENT MANAGEMENT SERVICE

BACHELOR OF ENGINEERING IN INFORMATION SYSTEMS

THESIS ADVISOR

PH.D ĐỖ TRONG HỢP

HO CHI MINH CITY, 2020

ASSESSMENT COMMITTEE The Assessment Committee is established under the Decision „ date

" by Rector of the University of Information Technology.

- Chairman.

First of all, We would like to sincerely thank the teachers of the University of Information Technology, National University of Ho Chi Minh City, especially the teachers of the Information System Faculty It is thanks to the valuable knowledge that

the teachers passed through the school hours that have created a stepping stone and

solid luggage to help me complete the topic better.

In particular, We would like to extend my sincere thanks and deep gratitude to Mr.

Do Trong Hop and Mr Nguyen Thanh Binh, thank you two teachers for their

enthusiastic guidance and favorable conditions for me to complete this thesis Thanks

to the suggestions and corrections of the two teachers, We can overcome my own shortcomings and errors to better orient the topic development.

Besides, We would also like to thank my friends and especially my family for always

cheering and helping me to improve this topic.

During the process of implementing the topic, We always put the research, research

and development of the topic as a top goal combined with the available background

knowledge to be able to complete the topic in the best way However, in the implementation process, shortcomings are inevitable Therefore, We look forward to receiving helpful contributions and advice from the teachers to strengthen the existing

knowledge and be a prerequisite for me to be able to implement other projects in the

future.

Thank you sincerely.

Chapter 1 PROBLEM OVERVIEW ccscsssscscssssssssssesssarscsesssnseratacecssnssesesatarecenensaeeeaeer 1

1.1 Problem statement cscecssecssecssecssessessessseessesssessseessessseessesseessesssseesensseeesesesesssesesese 1 1.2 CUrrent status ceccecesseesseesseessesssesssessseesstessesssesssesssesssessstssstssstsseneseesseessnessnesseessees 1

1.3 Thesis Objective c.cccecseecsecsecsecssessseessessesssesssessuessuessusssusesessssstsvsssesssesssssssesssesesesesess 1

1.4 Object, SCOpE co tt nh HH ng hư 2

Tìm5.,.n 2 1.4/22 SCOpG HH HH HH HH HH Hà nàn 2

1.5 Methods ofimplementafion 2-+¿+2++t2E++tetrxeterkxtetrkrtrrkkrrrrkrrrrrrrrer 2

1.6 Report layout

Chapter 2 THEORETICAL BASIS.

2.1 Theoretical basis 5c tệ th Tình Hà Hà Hà Hư Hà He nHườ 4

2.2 Technical BasiC - ó5 tì TT TH HH HH Hà Hà HH ng 4

PP No nh 4

PEnN he -4354.B 5

2.3.1 Untroduction cscssssssesssssesssssseeesssssssesssssssssssssssesssvessessuseessssnseesssseeessssneeessssesesesnineeessss 5

2.5 REST- RESTFul API in website đesign s scctntétettittitrirrirrirrrrerkerkrrie 7

2.5.1 REST and RESTful API 2.5.2 CRUD.

2.5.3 MongoDB Advantages of MongoDB

2.6 HTML and CSS 10

2.7 Several libraries for system

2.7.1 Node module Date-fns

3.3.10 Pay to active testament

3.3.11 Package price management

3.3.12 Check login

3.3.13 Send the testament

3.4 Sequence DiagTamm - s11 TH HT HH 33

3.4.1 Sequence diagram about Create new beneficiary 5+ + ssxsxxevexevexeereeree 33

3.4.2 Sequence diagram about Create new 'T€StaIm€I( 5+ 5+ 55+ se++e+ezeseeereerer 34

3.4.3 Sequence diagram about Update Beneficiary - - - -c+++c+s+xvxsrerexezeresererrrrer 35 3.4.4 Sequence diagram about Update 'Testarmeit - + + +e£+£+x+x+tztxxererrerrxee 36 3.4.5 Sequence diagram about Create new Admin (Staff) s55 5s sxsxsxsxsxeereeree 37

E9 9ð nh 38E9 ch on nan 42

Chapter 4 INSTALLATION AND DEPLOYMENT - . nghe 45

ANH U05 45 4.2 Website (200i n8 A 3 45

Chapter 5 CONCLUSION - - - - S7 SA SH HH ng 64

hs nh 64 5.2 Advantapes 46 (9 ‹›So eieieree 64 3.34 Weakness đa ay .m / 65 5.4 Orientation of topic development - 6 52 S*S+£+E‡E+E+t+EeEeEeEeteketeerererserkek 65

REFERENCES - - Q- Họ HH HH TH 66

iv

LIST OF FIGURES

Figure 2.1 Relationship between client, API and Server << s «<< se 7

Figure 2.2 Date-fins Module 5-5 5- < 5< 2S 9.99 99.9 0900.9000000 099ø 10

Figure 2.3 Cron Job œ- <5 << << 4 9 9 4 00.00000000 00009 0040008946 0896 11

Figure 2.4 Node ÏMaÏÏ€TF d 6 << S2 99.99.9894 996004.089489489848994889488696 11

Figure 2.5 AES-256 - sọ Họ 000001 000060080900 12

Figure 2.6 AES-256 ©nCTYJDfÏOTA 55 <5 < sọ HH HH 00000000996 12

Figure 2.7 AES-256 €CTYJDfÏOTA d 0 G5 5 9 9 9 9.9 00008809 9ø 13

Figure 3.1 Use case (ÌÏ4ØTTA1H - 0 5 5 <5 5< 5< 9 9 9 In 0000 099ø 16

Figure 3.2 Activity diagram about Create 'TesfaI€nnf -< «5s «5s sses ss 20

Figure 3.3 Activity diagram about Create Beneficiary -s««<s«e<se 21

Figure 3.4 Activity diagram about Update Testament 5s «55s «se 22

Figure 3.5 Activity diagram about Edit Testament << s «se sesess 23

Figure 3.6 Activity diagram about Update Testament «<< ««ses« 24

Figure 3.7 Activity diagram about Payment Testament -s«««s« 25

Figure 3.8 Activity diagram about Delete Testament scsssccssscssssessscescees 26

Figure 3.9 Activity diagram about Edit BenefÏCiary -os sssssssssssssse 27

Figure 3.10 Activity diagram about Delete Beneficiary s«-<s«<<s« 28

Figure 3.11 Activity diagram about Delete Beneficiary «<< «««es« 29

Figure 3.12 Activity diagram about Package price managemeni( 30

Figure 3.13 Activity diagram about Check login’s IS€F s- s55 s «<< s 31

Figure 3.14 Activity diagram about Send Testament s5 <s=<< se 32

Figure 3.15 Sequence diagram about Create new beneficiary 33

Figure 3.16 Sequence diagram about Create Testament s5 <<s« 34

Figure 3.17 Sequence diagram about Update Beneficiary « s««<s« 35

Figure 3.18 Sequence diagram about Update 'Testamenf -<s« 36

Figure 3.19 Sequence diagram about Create new Amiỉn <- <««s<s« 37

Figure 3.20 Class đÏaTA1H o-< 5 5 5 << 9 9 9 0 0000090 0908996 38

Figure 3.21 Database DÏaØraIm 5< 5< 5s in 00000990 42

Figure 4.1 Connect localdata on MongoA tas o5 << 55s S555 s555se5 46

Figure 4.2 Add ip Address CUFT€TIỂ - <5 << 5< 5 9 S9 93 0 190 8908996 46

Figure 4.3 Deploy server and client to Herokw o<- << 5s < «5s ssessesess 47

Figure 4.4 Landing page cccsccsssssssscssscsssccssccsssccsssccssscssssssssssssscssscsssscsssscesseees 47

Figure 4.6 Login page c- G5 < Ă 9 c0 000 00040008906 0896 49

Figure 4.7 Register page csssccsssssssssssscsssccssssssscssssccsscscsssssssscsssscssssssscsssacssssees 50

Figure 4.8 Verify email’s IISLF o5 << 5< 9.969.960 004.0094088946 0860 51

Figure 4.9 Create List of Ben€fÏCÏAFFÏ€S o5 s s9 006089860896 52

Figure 4.10 Create list of testament G5 5 5 9 S9 990.0006999 0995 53

vi

Figure 4.11 Notify user’s ÏOgÏN c << << 512531955 155853855585568558858885085566 54

Figure 4.12 Payment “S IS€LF «<< 5 < 5 5 99 99.6 9.9909 9604.989408890 8896 55

Figure 4.13 User's CUSÉOIH <5 5 5< 5< 9E 5 90.90900900 0900000500468 80 56

Figure 4.14 Update user information o o G5 6 55s S5 695 5894 95895956956669% 57

Figure 4.15 Change the DAaSSWOTC 5- <5 ng 09008008996 58

Figure 4.16 Revenue’s admin or supeFa(ImÏH <- << 55s ssesssssssesee 59

Figure 4.17 Testament Management and status’s tes(amen( «- -s« 60

Figure 4.18 Button login for user and send all testament for beneficiary 61

Figure 4.19 Management price ‘s f€S(AIT€TIÍ 5-5 5 555 S51 559559955695 62

Figure 4.20 Create new Admin for Supe? 0< 5555 995995 2sø 63

Vii

LIST OF TABLES

Table 3.1 Desciption Of ACtOTs cccceesccessesssecessecesceceeeeesecececeacecsaeeeeaeceeaeeeseeesaes 17

Table 3.2 Desciption Of Usecases - 5 3T HH ngư 19

Table 3.3 Class Diagram Package of tabÌ- - - 5 3+ 1+ Skseeeeseeerere 39

Table 3.4 Class Diagram Payment of tabÌ - G1111 ng re 39

Table 3.5 Class Diagram Testament of table - c5 + + + kssveeseeseere 40

Table 3.6 Class Diagram User of table - - Gv TH HH Hy 41

Table 3.7 Database Diagram Package of tabÌe - 5S sieseseeee 43

Table 3.8 Database Diagram Payment of table eee eee eseeeeeeeceeeeeeeeeeseeseeseens 43

Table 3.9 Database Diagram Testament of table - «+ + s++++++eexsseseeexs 44

Table 3.10 Database Diagram User of table - «6+ seseeeeesersrserske 44

Table 4.1 Description ‘s Landing page :cccccccceesseeseesseeseeeseeseeeseeeseeeseeseeseenseeaes 48

Table 4.2 Description ‘s Login DÀ© - c2 3 11 19 11111111111 1111111 1 giết 49

Table 4.3 Description ‘s Register paB€ - nh HH HH HH ng riệt 51

Table 4.4 Description ‘s Create List Beneficiaries - - 5 55s +*svrsserss 53

Table 4.5 Description Create list of testaments Dage€ - -.- 55s + svssees 54

Table 4.6 Description Notify user’s logit ceeeessceeesceseeeesceeeeeeeeeeeseeeeneeseeensaees 54

Table 4.7 Description Payment “S USEF :cceccesseessceeeeeeeeeeeseceeeeeeeseeeseceeeeaeenaeents 55

Table 4.8 Description Update user’s CUSfOTT - 5 5S SE +EskEsekseersersrke 56

Vili

Table 4.9 Description Update user “s InÍformatiOn - - s5 55 + ++v+seeseersees 57

Table 4.10 Description Change paSSWOT G1 1v HH ng ng 58

Table 4.11 Description Testament Management and status’s testament 60

Table 4.12 Description Button login and send testament for user - 61

Table 4.13 Description Create new Admin for super admIn s5 «s5+ 63

1X

LIST OF ACRONYMS

NO Acronyms Stands for

1 API Application Programming Interface

2 HTTP Hyper Text Transfer Protocol

3 JSON JavaScript Object Notation

4 HTML Hypertext Markup Language

5 CSS Cascading Style Sheets

6 REST Representational State Transfer

7 CRUD CREATE,READ,UPDATE,DELETE

8 UI User Interface

The thesis topic “Testament Management Service" is a topic aimed at users wishing

to leave content to be done by relatives after they pass through without legalobligations management on the website quickly and conveniently

In addition, With 2 main functions: the check logs user mechanism and the content

security function of the testament to meet the users' requirements easily and

conveniently

Nowadays, when relationships in society are increasingly complicated, personal

information such as (bank accounts, social networks and other sensitive

information),the dark sides when the living people do not want to share and reveal to

anyone.

Current users are still afraid of or distrust the existing security services According

the above needs, a new security mechanism is born, ensuring that the system is highly

secure, Management testament service testament solve that problems

e Build a friendly and easy-to-use interface for users, Testaments will be sent

at the right time and in confidentiality of user information

e Construction tools include:NodeJs, API, Typescripts, Html and Css,

Angular, MongoDB

xi

Chapter 1 PROBLEM OVERVIEW

1.1 Problem statement

In today's life, society is increasingly modern, the relationship between people and

people is more complicated The cultural confusion and conflict between the East and

the West became more and more apparent

Besides, there are many sensitive issues that one cannot share while alive, only

when they died they dare to speak out Examples are bloodline, wealth, etc Next to

material values, it also has soft values, numeric values Examples are blood

relationships, promises many years ago that one could not fulfill while living, secrets

that they did not want the law to interfere with, account information, passwords, bank

account information

Their information sharing wants to share their information with a few special

people to them, the rest cannot be known

1.2 Current status

Actually ,they can be resolved by writing a testament and having a lawyer archive

it or deposited in banks But this job is very complicated and expensive, at the same

time there is a risk of information leakage, as the written forms are easily exposed

Whereas the information they need to send is unnecessary using that method

From these status quo, intangibles still cannot be completely solved, it is only

suitable for tangible property From that current state, this “Testament ManagementService” was created

1.3 Thesis objective

Building a complete testament management service website for users

Meeting the needs of hidden corners that customers cannot share with anyone

Create a web service that users can trust and use

Testament will be sent to the right people at the right time and secure

Only the creator and recipient can see the testament'’s content

The thesis is developed based on the personal purpose of the user, so it will focus

on the niche market

Feasibility: focus on objects solving blind problems that are not related to law(such

as blood relationships, promises many years ago that one could not fulfill while living,

secrets that they did not want the law to interfere with) through a regular testament

1.4 Object, scope

1.4.1 Object

Find out the structure, how the website works

Creating and managing testaments in online website based on need and

sentimentality without regard to legal issues

Building a database system in accordance with the website functions

Built in functionality to check user logs and activate the content of the testament

when it is determined that the user is dead through real-time

Authenticate email user

The beneficiary must answer some sercurity question correctly in order to view

testaments.

1.4.2 Scope

The authors only focuses on researching some of the following contents to build

applications for the thesis :

Apply basic content about Angular, RESTful API , MongoDB , NodeJS and their

highlights

Research the basics of libraries like date-fns, node mailer, and use them to inspect

and prompt users

1.5 Methods of implementation

Back-end : use NodeJs and MongoDB to build REST API

Frond-end :use Angular ,Typescript

And several libraries to apply

1.6 Report layout

The thesis is divided into five chapters

Chapter 1: Problem Overview

An overview of the thesis content The content includes: current status and problem

setting, topic objectives, research scope and report layout

Chapter 2: Theoretical basis

Introduce and give reasons to choose the technologies used in the topic Giving

general information

Chapter 3: System analysis and design

In this part, the article will provide about synchronous process diagram, system

design analysis, database design, interface design

Chapter 4: Installing and Deploying the System

Presentation of the implementation and deployment website, summary of the test

execution

Chapter 5: Conclusion

Summarize conclusions, highlight pros, cons and development orientation for the

topic in the future

Chapter 2 THEORETICAL BASIS

2.1 Theoretical basis

- The website has the function of checking user login from there if the user is not

logged in then prompt them to log in Check the activation period of the will when the

user is not logged in until the expiration time then check if the user is alive or not

- System adopts admin to send testament or login to users when the user forgets

- User can create list of beneficiaries of wills list, edit all information

- The system guarantees 2 main factors:

e Testament is sent to the right person at the right time base on activation time

of testament

e When a testament is created, only the user and the person who can know the

content of the testament

2.2 Technical Basic

2.2.1 Angular

2.2.1.1 IntroductionAngular (commonly referred to as "Angular 2+" or "Angular v2 and above") is a

TypeScript-based open-source web application framework led by the Angular Team at

Google and by a community of individuals and corporations Angular is a complete

rewrite from the same team that built AngularJS

2.2.1.2 Features for Angular

Angular's structure is the structure of components and services Angular is based

on model MVC (model - view - controller)

Angular also has its own innovations such as:

- Updated Angular CLI, Command Line interface — Add new commands,

such as ng-update used to upgrade versions or ng-add used to add components

quickly

- Updated CDK, Component Development Kit — Support for building user

interfaces without using Angular libraries Design support for website layout

- Updated Angular Material — Added new ingredients

- Usage of RxJS3, a reactive JS library — Using RxJS.

- Angular Element — Allows Angular elements to be exported and can be used

on any other HTML page

2.2.1.3 Advantages for Angular

Easy to learn: Angular2 is developed on a more modern platform, has many

features, and is easier for beginners than Angular 1.x

- Typescript4: Angular2 is written with TypeScript, a superset of JavaScript

that implements many of the features of ES2016 and features of TypeScript,

making it easier to handle

¬ Performance and mobile compatible: Angular 2 integrates with mobile by

integrating with NativeScript, an open source library is a bridge between

JavaScript and mobile

- Project architecture and maintenance: The new angular module system

makes it easier to develop large projects more efficiently.[1]

2.3 NodeJS

2.3.1 Introduction

NodeJS is a platform built on the V8 JavaScript Engine - the interpreter that

executes JavaScript code, making building web applications simple and easily

extensible As an asynchronous event-driven JavaScript runtime[5]

2.3.2 Features of NodeJS

e Asynchronous: All NodeJS APIs are asynchronous (none-blocking), it

is mainly based on NodeJS Server platform and waiting for Server to

return data The server move to subsequent APIs after the call and

Node.js event notification mechanism helps the server to get a response

from previous API calls (Realtime)

e Fast Processing Speed: NodeJs is built on the V8 JavaScript Engine

platform, so the execution of the program is very fast

e Single threaded but highly extensible: Node.js uses a single threaded

model with iterative events Event mechanisms help the server to

respond in a non-blocking manner and make the server highly scalable

as opposed to traditional servers that create limited threads to handle

requests Node.js uses a single-threaded program and similar programs

that can service a much larger number of requests than traditional servers

like Apache HTTP Server

2.4 API

API (Application Programming Interface), ie application programming interface

This is a means for two or more applications to exchange and interact with each other,

creating a more efficient and convenient interaction between the user and the

application

With the API, programmers can access and retrieve data from the server, making it

easier to present them on their software application or website

So far, the API has evolved with many different applications and software The

latest generation of web / application APIs can be applied to any system from a

database, operating system, web based system, library or even computer hardware

USERS ®E INTERNET =

SERVER DATABASE

DESKTOP

Figure 2.1 Relationship between client, API and server

2.5 REST- RESTFul API in website design

2.5.1 REST and RESTful API

REST, short for Representational State Transfer, is a sample structure that defines

applications that communicate and interact with each other It consists of three basic

parts such as: external server, API server and client server In it, the client can be

anything, web-based application, library or even various software of a computer

software

REST allows clients to access the API server and execute commands to retrieve,

modify, or delete data from the external server Programmers can freely access and edit

data from the server without knowing how the system works

The main protocol that REST uses is HTTP, a common protocol with most

applications or web services today It provides quick performance in the context of a

robust bus and makes REST architecture more speedy

In addition, REST also has the advantage of using a stateless protocol This system

does not use sessions, cookies, does not need to know that information in every request

to an external server This helps REST reduce the load on the external server,

improving working efficiency

REST was originally designed for use with web services However, any software

can use REST as a bridge to communicate with other applications better and more

efficiently That is also the reason why REST is the default standard for most protocols

And the APIs that are designed according to a REST architecture are called RESTful

APIs.[7]

2.5.2 CRUD

CRUD includes: Create, Read, Update, Delete These are the four basic functions

of any database REST and RESTful are no exception These architectures all fully

support 4 commands, making it easier to manipulate data from the server

In REST, 4 commands have a slightly different name:

- Post: The function of creating new data and information

- Get: The command reads / retrieves a new data or information

- Put: Update information and existing data

- Delete: Delete existing information and data

2.5.3 MongoDB

2.5.3.1 Introduction

MongoDB is a cross-platform document-oriented database program Classified

as a NoSQL database program, MongoDB uses JSON-like documents with

optional schemas MongoDB is developed by MongoDB Inc and licensed under

the Server Side Public License (SSPL) [6]

Advantages of MongoDB

High availability through built-in replication and failover

Horizontal scalability with native sharding

End-to-end security

Native document validation and schema exploration with Compass

Management tooling for automation, monitoring, and backup

Fully elastic database as a service with built-in best practices

Beside that, Mongoose is an Object Data Modeling (ODM) library for MongoDB

and Node.Js

2.5.3.2 TypeScript

TypeScript 1s a free and open source language that 1s currently being developed and

maintained by Microsoft It is an enhanced version of JavaScript, with the addition of

static type and class options on the basis of object oriented programming Anders

Hejlsberg, C # language architect and creator of the Delphi and Turbo Pascal

languages participated in the development of TypeScript.[3]

TypeScript can be used to develop client-side or server-side applications (Node.js)

TypeScript supports defining files that contain type information of JavaScript

libraries

These are third-party header files for popular libraries like jQuery, MongoDB, D3.js,

etc The header files for the Node.js base modules are also available for development

Node.js program using TypeScript

Advantages of TypeScript:

e Easy to develop large projects: With the use of the latest techniques and

object oriented programming, TypeScript makes developing large projects

a breeze

e Many Frameworks choose: Currently, the JavaScript Frameworks have

gradually encouraged to use TypeScript for development, such as

AngularJS 2.0 and Ionic 2.0

e Support for the latest version of JavaScript: TypeScript always ensures full

use of the latest JavaScript techniques, for example the current version is

ECMAScript 2017 (ES8)

e Asan open source language: TypeScript is an open source code, so it can

be used at no cost, in addition to having strong support from the

community

e TypeScript is JavaScript: The essence of TypeScript is to compile and

generate JavaScript code Therefore, it is possible to use mixed syntax of

JavaScript on the side.[3]

2.6 HTML and CSS

- HTML stands for Hyper Text Markup Language It is used to design web pages

using markup language HTML is the combination of Hypertext and Markup language

Hypertext defines the link between the web pages Markup language is used to define

the text document within tag which defines the structure of web pages This language

is used to annotate (make notes for the computer) text so that a machine can understand

it and manipulate text accordingly Most markup languages (e.g HTML) are human

readable Language uses tags to define what manipulation has to be done on the text

- Cascading Style Sheets, fondly referred to as CSS, is a simply designed

language intended to simplify the process of making web pages presentable CSS

allows you to apply styles to web pages More importantly, CSS enables you to do

this independent of the HTML that makes up each web page

CSS is easy to learn and understood but it provides powerful control over the

presentation of an HTML document

2.7 Several libraries for system

2.7.1 Node module Date-fns

Date-fns is the modular path to date/time manipulation The functional

programming submodule provides a better alternative to chaining—composition—

which makes your code clean, safe, and doesn't bloat your build date-fns supports

both Flow and TypeScript

10

2.7.2 CronJob

Function to execute periodically at a predetermined time by the administrator.Put

simply, cronb job is a function that helps to automatically schedule certain jobs at a

time that need to be repeated

Saturday, or use names; 7 is also Sunday)

Se Se Se t HE SE HEHE 4t — command to execute

Figure 2.3 Cron Job

2.7.4.1 SERCURITY OF THE SYSTEM

The system ensures that data is not visible to the private-key holder by using the

aes-256-ctr algorithm to encrypt the information

Flow: When the information the user submits to the system, the 64bit private key will

be used to encrypt the information in a pure (user-readable) form into a hash chain and

11

save this hash string in the database that no one else can see and understand this data

in the database And when the user wants to see detailed information of the content, the

system will use the original private key to decrypt back to the original pure data and

this data the user can understand

Private Key

Decryption Plaintext Algorithm Message

Ciphertext Private Key

MOT) OUT) COT)

Key —> block cipher me, block cipher Key —> block cipher

y encryption y encryption y encryption

Plaintext ——> Plaintext ——> Plaintext ——>

COO COT) COO

CTT) CITT) COO)

Ciphertext Ciphertext Ciphertext

Counter (CTR) mode encryption

Figure 2.6 AES-256 encryption

12

Nonce Counter Nonce Counter Nonce Counter (59bcf35 00000000 c59bcf35 00000001 ci9cf35, 00000002

mm eae

block cipher block cipher block cipher

Key —> : Key—> : Key—> :

encryption encryption encryption

cite mmf aT te

CO) CO IIIIIIIIIIIIE

COT) COT) COT)

Plaintext Plaintext Plaintext

Counter (CTR) mode decryption

Figure 2.7 AES-256 decryption

2.7.4.2, How strong will be the encryption in this AES-256 ?

Ultimately it depends what you mean by strong For example from an encryption point

of view, i.e taking the ability of an attacker to decrypt your ciphertext without access

to the key, it should be as strong as any other use of AES256 (there is some dicussion

on differential analysis between individual cipher blocks with a known plain text but

that would be a weakness of the encryption algorithm not of the CTR mode itself)

In the end whether CTR mode is appropriate will depends what you want to apply it to

and how you implement it A couple of things to bear in mind when using this mode

would be:

The same nonce/counter sequence will create the same cipher stream therefore you

must ensure you do not ever use the same values for a given key Otherwise it might

be possible for an attacker given a message with a known plain text to reuse the cipher

stream to decrypt your current message)

13

As the stream cipher is XORed with the plain text it means that a | bit change in the

ciphertext directly results in that bit changing in the decrypted data, therefore some sort

of message integrity is paramount, most likely a HMAC so that an attacker cannot

realistically generate the hash and correct that as well.[4]

14

Chapter 3 SYSTEM ANALYSIS AND DESIGN

3.1 Analysis requirements:

3.1.1 Function requirements:

Management interface:

Administrator manages all activities of the website

User management: check if testaments have been paid, check logs user to active

all testaments or log in for user

View and statistics the number of users, the number of testaments

Management and statistics of revenue

User Interface:

The user can create a list of beneficiaries, a list of testaments and the time when

the will is active, based on which admin checks the logs

View created my testaments, pay options, edit testaments or remove them from

the system

3.1.2 Non-function requirements:

Requires products with friendly interface, easy to use, high reliability, stableperformance and performance,

Convenience: The system has an intuitive, friendly and easy-to-use interface

Efficiency: Website visually shows information states, making it easy for users

to manipulate Website works stably

15

3.2 Use case diagram

3.2.1 Desciption of Actors

Super admin Is the person with the highest authority,

capable of performing all functions of the

system except view or edits detail the

testaments.

Admin Being authorized by the super admin, can

perform all functions except all user

management and view or edits detail the

testaments.

User Is a regular account Can create ,view ,edit

or delete testaments

Beneficiary Is the recipient of the testament can view

the testament's details

Table 3.1 Desciption of Actors

17

3.2.2 Description of Usecases

NO | Use case Description

1 Admin Oversee the functionality of the website, evaluate and

management manage website performance, facilitate hosting and server

management, and develop, maintain and update website

content.

2 Testament List basic information of the will such as creator's name, the

management status of the will (Pending, paid, wating, out of date, done).

User can update testament

3 Payment Add a new testament according to the existing form.

management Detailed testament content and recipient information is

encrypted

List a list of testaments View expiration time and payment

status.

4 User List of users Basic information of the user and support

management functions for renewing or sending testament

5 Packages Export a list of completed payments or not paid

management

6 Payment Testament maker easily edit the information to activate the

testament, modify the content of the testament, the recipient

or delete them

7 Beneficiary Only the testator can change the recipient testaments.

management

18

Payment of The testament maker pays a fee for each testament The

testaments testament becomes active as soon as the user completes the

payment.

9 Login System administrators and employees can view the

expiration date of testaments and renewals for customers

10 | View Testament | Only the testator and Testament recipient can view the

content of the Testament

Table 3.2 Desciption of Usecases

19

Show error message

delete old wills

3.3.5 Update receiver testament

User System Database and storage

Handling request

user completes the information

ifhas receiver Show error message

delete old receiver

to delete

Request | confirmation

te † find all relate data |