At e-Bay, Amazon, and other online businesses, you can purchase real objects using virtual money (electronic cash). Ecash comes in many forms :
Making promises or moving money around is simple enough. The big issue is security :
A variety of technical measures are employeed in various situations, but some common ones are:
If you use a credit card, you may need to type a PIN number (a password) when you make a purchase. The business does an online check with the credit-card company to ensure that your card and PIN are valid. This online check is performed using encrypted communications to stop criminals from stealing the data.
We will write a program(s) to implement our own Ecash system called FreeCash - it won't cost us anything, but we can use it to keep score in local games.
Storage
FreeCash must be stored on a server, so it is accessible from many locations. We will use a LAN server, as this is much simpler to implement than web-based storage.
We
must store an account for each user. That means at least 12
accounts for our IB Computer Science class. We can make the system
larger to allow for expansion - we will make a system with 1000
accounts.
To enable simultaneous access, we will use a RandomAccessFile for storage. Each account needs to store the following fields:
User
Name
Password
(or PIN)
Balance
(current amount of money)
Transactions
A transaction is an event which changes the amount of money in an account (or accounts).
The most common transaction is a transfer - this moves money from one account to another. Assuming that money can neither be created nor destroyed, transfers will be the only transactions possible.
Protocol
We adopt the following protocol : money can only be transferred when the payor has typed a correct password. The payor may transfer money to any account, so long as they know the account number (between 0 and 999), and the name of the account owner. The payor does not need to know the password of the recipient.
Encryption
It should not be possible to see users' passwords by simply opening the file and reading it. This security is implemented by only storing encrypted passwords in the file. Thus, if a user's password is "secret", it might be stored in encrypted form as "tgfvjz" (can you figure out why?)
---- Assignment ----
Study the following program which creates 5 accounts in a file called FREECASH.DAT. It does not encrypt the passwords, but that can be added later.
This is only a simulation, but we will make it as realistic as possible by storing data files on a server. However, you can develop the program on a local hard-disk first, and then move the data file to a server later.
Add
buttons and methods to make the FreeCash system work properly. Do
the most important work first - the most important feature is the
ability to transfer money from one account to another, including a
proper password check.
import
java.awt.*;
import
java.io.*;
public
class
FreeCash
extends
EasyApp
{
public
static
void
main(String[]
args)
{
new
FreeCash();
}
Button
bNewFile
=
addButton("New
File",40,40,80,40,this);
Button
bShowAll
=
addButton("Show
All",120,40,80,40,this);
public
FreeCash()
{
setSize(400,300);
setTitle("FreeCash");
}
public
void
actions(Object
source,String
command)
{
if
(source
==
bNewFile)
{
newFile();
}
else
if
(source
==
bShowAll)
{
showAll();
}
}
public
void
newFile()
{
String
password
=
input("Type
the administrative password");
if
(password.equals("magic"))
{
double
money
=
inputDouble("How
much money should each account get?");
newAccount(1,"First
Person",money,"one");
newAccount(2,"Second
Person",money,"two");
newAccount(3,"Third
Person",money,"three");
newAccount(4,"Fourth
Person",money,"four");
newAccount(5,"Fifth
Person",money,"five");
}
else
{
output("Access
Denied");
}
}
public
void
newAccount(int
num,
String
name,
double
money,
String
password)
{ try
{
RandomAccessFile
accounts
=
new
RandomAccessFile("FreeCash.dat","rw");
accounts.seek(num*50);
accounts.writeUTF(name);
accounts.seek(num*50+20);
accounts.writeDouble(money);
accounts.seek(num*50+30);
accounts.writeUTF(password);
accounts.close();
}
catch
(IOException
e)
{
output(e.toString());
}
}
public
void
showAll()
{
try
{
RandomAccessFile
accounts
=
new
RandomAccessFile("FreeCash.dat","rw");
for
(int
num
= 1;
num
<=
5;
num
=
num+1)
{
accounts.seek(num*50);
String
name
=
accounts.readUTF();
accounts.seek(num*50
+
20);
double
money
=
accounts.readDouble();
accounts.seek(num*50
+
30);
String
password
=
accounts.readUTF();
System.out.println(num
+
"\t"
+
name
+
"\t"
+
money
+
"\t"
+password);
}
accounts.close();
}
catch
(IOException
e)
{
output(e.toString());
}
}
}