File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Want to create a Class with multiLevel File Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Want to create a Class with multiLevel File Security" Watch "Want to create a Class with multiLevel File Security" New topic
Author

Want to create a Class with multiLevel File Security

Gregory Norris
Greenhorn

Joined: Sep 02, 2011
Posts: 3

First off I'm new here so hello. As my siggy says I've taken a year of Java programming and have studied it quite a bit in my spare time. Currently I'm working on a type of banking app (currently strictly JRE but eventually would like to port to Android and other such devices). The app will serve two main functions 1: It will accept user input for a Gross and Net Income (like from a paycheck) then split the money based on a simple config file (probably will be written by the program itself but will require the user to use a simple math oriented code). (Calculator) 2: The program will have a checkbook feature to keep track of expenses like any other checkbook. The things different about my program than others like it is that my program aims to be truly secure and will never send any info over the net (I laugh every time I see a commercial for some online banking phone app as I know full well just how vulnerable a long distance transmission is even if it's encrypted). The programs main function however is to teach myself some new tricks and brush up on my programming skills.

Now for the question: I would like to see some potential code for making the following work: A Security class (probably called SecIO) with 2 or 3 methods. It will first ask for a password and use it to partially decrypt the config files (checkbook and calculator) possibly by unzipping them. It will then use use the password along with info in a password file to determine an encryption key which will be used to actively decrypt the config files. This way even once the password is inputted the files will never exist on the drive unencrypted (so if someone has a virus that looks for banking information it won't be able to determine the actual data without being specifically designed to crack this program). Unfortunately I've not yet developed the program enough to have anything other than theory code (not even pseudo yet) but before I get to far I want an idea of how I'll have to format the program to securely read from this method (Will I have to create a secure readline() method within the SecIO method?).

Also note that this is an open-source project (Though I need to do more research to figure out how to get the proper licenses for it).

Finally I've started a SourceForge for this project but since I've not yet determined how the licensing thing works I've not posted what little code I do have (A Language and Window Selector): https://sourceforge.net/p/gregsbank/wiki/Home/


Current laptop: HP Compaq 6910p refurbished, 2GB RAM, PC Card:single channel Wireless b/g/n, Core2Duo 2.2GHz. One year Java Classes, dabble in everything.
Gregory Norris
Greenhorn

Joined: Sep 02, 2011
Posts: 3

Looks like I can't edit anymore but since I've been able to look a bit more into this myself (my personal laptop is broken so I'm using my Mom's desktop which is shared with 3 siblings) I've realized that there's a whole lot of stuff I don't know yet so perhaps a better question to ask is what's the best method (or any method) of creating a secure zip file and zipping/unzipping it and what do I do to register the security or do I have to register the security.

Once I know this step I can start coding again to at least start creating my security class. Also once I have that down I'll need to look for a way to encrypt the files inside (so I unzip them but the files inside are still encypted), then read the encrypted data and write new encrypted data (probably rewrite the entire files with fresh security, also probably will try to separate the checkbook file).

I'll also make a topic elsewhere for learning how to register my app so I can post code on SourceForge).
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Want to create a Class with multiLevel File Security