SRS 6 final

Software Requirements Specification for

Inter Bank Fund Transfer in Distributed network Version 1.0 approved

Prepared by Anurag Banerjee

BE/10069/2014

Birla Institute of Technology, Mesra.

12 August, 2016.

Copyright © 1999 by Karl E. Wiegers. Permission is granted to use, modify, and distribute this document.

Software Requirements Specification for Inter Bank Fund Transfer in Distributed Network

Page ii

Table of Contents Table of Contents .......................................................................................................................... ii Revision History ............................................................................................................................ ii 1. Introduction ..............................................................................................................................1 1.1 1.2 1.3 1.4 1.5

Purpose ............................................................................................................................................ 1 Document Conventions.................................................................................................................... 1 Intended Audience and Reading Suggestions .................................................................................. 1 Product Scope .................................................................................................................................. 1 References........................................................................................................................................ 1

2. Overall Description ..................................................................................................................2 2.1 2.2 2.3 2.4 2.5 2.6 2.7

Product Perspective ......................................................................................................................... 2 Product Functions ............................................................................................................................ 2 User Classes and Characteristics ..................................................................................................... 2 Operating Environment.................................................................................................................... 2 Design and Implementation Constraints .......................................................................................... 2 User Documentation ........................................................................................................................ 2 Assumptions and Dependencies ...................................................................................................... 3

3. External Interface Requirements ...........................................................................................3 3.1 3.2 3.3 3.4

User Interfaces ................................................................................................................................. 3 Hardware Interfaces ......................................................................................................................... 3 Software Interfaces .......................................................................................................................... 3 Communications Interfaces ............................................................................................................. 3

4. System Features........................................................................................................................4 4.1 System Feature 1 .............................................................................................................................. 4 4.2 System Feature 2 (and so on) ........................................................................................................... 4

5. Other Nonfunctional Requirements .......................................................................................4 5.1 5.2 5.3 5.4 5.5

Performance Requirements .............................................................................................................. 4 Safety Requirements ........................................................................................................................ 5 Security Requirements ..................................................................................................................... 5 Software Quality Attributes ............................................................................................................. 5 Business Rules ................................................................................................................................. 5

6. Other Requirements ................................................................................................................5 Appendix A: Glossary....................................................................................................................5 Appendix B: Analysis Models .......................................................................................................5 Appendix C: To Be Determined List ............................................................................................6

Revision History Name

Date

Reason For Changes

Version

Software Requirements Specification for Inter Bank Fund Transfer in Distributed Network

1.

Introduction

1.1

Purpose

Page 1

Lack of encryption between banks and regional processors present serious risks to the system as transmissions may be intercepted and modified or even deleted. Attackers may subsequently divert, redirect, or cancel funds transfers. Therefore, the software provides a messaging network that financial institutions use to securely transmit information and instructions through a standardized system of codes.

Document Conventions

1.2

The headings and subheadings are in bold and are in Times new Roman font of size 18 and 14 respectively. The paragraphs are also in Times New Roman font and are of size 12.

1.3

Intended Audience and Reading Suggestions

The robustness of the software design allows huge scalability to provide services to the following:          

Banks Brokerage Institutions and Trading Houses Securities Dealers Asset Management Companies Clearing Houses Depositories Exchanges Corporate Business Houses Treasury Market Participants and Service Providers Foreign Exchange and Money Brokers

Product Scope

1.4

The software uses public key cryptography to ensure proper authentication.It enables ciphering without leaking private key information. It deploys the public key scheme to modify the key escrow mechanism to be used in SWIFT system offering the following features for the above stated problems:

1.5



Each bank owns its own public key and private key, but different keys are used for the authenticaton of different transactions, and these keys are unknown to SWIFT as before.



Provide bank-to-center authentication.



Provide link-by-link encryption from end-to-end.

References 1) https://en.wikipedia.org/wiki/Society_for_Worldwide_Interbank_Financial_Telecommu nication

Software Requirements Specification for Inter Bank Fund Transfer in Distributed Network

2.

Overall Description

2.1

Product Perspective

Page 2

Prior to SWIFT, Telex was the only available means of message confirmation for international funds transfer. Telex was hampered by low speed, security concerns, and a free message format--in other words, Telex did not have a unified system of codes like SWIFT to name banks and describe transactions. To circumvent these problems, SWIFT system was formed in 1974. Seven major international banks formed a cooperative society to operate a global network that would transfer financial messages in a secure and timely manner.

2.2

Product Functions

The major functions performed by the software are: 

To form a secure network for transmitting messages between financial institutions;



To define a set of syntax standards for financial messages (for transmission over the secure network provided or any other network)



To provide a set of connection software and services allowing financial institutions to transmit messages over the secure network.

Software Requirements Specification for Inter Bank Fund Transfer in Distributed Network

2.3

Page 3

User Classes and Characteristics

Financial institutions worldwide along with involvement of their employees and to a lesser extent their customers and clients.

2.4

Operating Environment

The software is used in financial institutions by the employees of the institution. The hardware requirement for this software are 

Processor - Pentium -III



Speed - 1.1 Ghz



RAM - 256 MB(min)



Hard Disk - 20 GB



Floppy Drive - 1.44 MB



Key Board - Standard Windows Keyboard



Mouse - Two or Three Button Mouse



Monitor - SVGA

The software requirements are  Operating System: Windows 2000.  Technology: .NET/J2EE  Database: Oracle 8i

2.5

Design and Implementation Constraints

Secure network connection should exist between the two banks between which fund transfer is to take place. Every employee of the banks should be provided with a login id and password to initiate transactions so as to add extra security to prevent intrusion from outsiders.

2.6

User Documentation

The required support and documentations will be provided on: 

https://www.swift.com/contact-us/support

Software Requirements Specification for Inter Bank Fund Transfer in Distributed Network

2.7

Page 4

Assumptions and Dependencies

The banks should have a stable internet connection (Wired connection preferably for more stability and faster transactions) and also ensure that their internet connection is protected by firewall to ensure greater security. The computers in which the software is installed should have some sort of antimalware to prevent unidentified interceptions by attackers locally.

3.

External Interface Requirements

3.1

User Interfaces

The home screen will have a login option for the bank employee. The next screen will require the customer credentials. Options for transfer, update, transaction history, logout, help will be there in the following screen. Apart from these there will be options for checking the details of an account.

3.2

Hardware Interfaces

A standard computer with the following hardware specifications is required: 

Processor - Pentium -III



Speed - 1.1 Ghz



RAM - 256 MB(min)



Hard Disk - 20 GB



Floppy Drive - 1.44 MB



Key Board - Standard Windows Keyboard



Mouse - Two or Three Button Mouse



Monitor – SVGA



In addition to the above routers/modems, splitters and wires are required for internet connectivity.

3.3

Software Interfaces 

Operating System: Windows 2000 (Documentation: https://msdn.microsoft.com/enus/library/bb742601.aspx)



Technology: .NET/J2EE (Documentation: http://docs.oracle.com/javaee/7/index.html)



Database: Oracle 8i (Documentation: http://www.oracle.com/pls/tahiti/homepage)

Software Requirements Specification for Inter Bank Fund Transfer in Distributed Network

3.4

Page 5

Communications Interfaces

The RSA cipher is used to deploy the public key scheme to modify the key escrow mechanism to be used in system. Each bank owns its private key and public key, but different keys are used for authentication of different transactions, and these keys are unknown to SWIFT. Each bank has a securely stored private key and a public key. A SWIFT terminal generates a random number for every message transmitted as the end-to-end authentication session key, and encrypts this key with the receiver's public key. Using the same procedure to perform bank-to-center input sequence number authentication, it enables an operating center to verify the authenticity of the input sequence number from customer banks. The receiving bank to verify the output sequence number from the operating center uses the same method. Let us name this as link-by-link authentication. Finally, linkby-link encryption can be performed using a uniquely generated session key for message encryption and encrypting the session key with the public key of the code at the other side of the link.

4.

System Features

4.1

Logging in and Authentication: 4.1.1

Description and Priority: The software offers access to Internet at client level and access to server resources at server level only by validating the user with the unique username and password. It has high priority to ensure security of the clients.

4.1.2

Stimulus/Response Sequences: The response/stimulus for the different classes of users are:

4.1.3



Users: Logging into their respective accounts.



Administrator: Adding new accounts, giving account status.

Functional Requirements: All system should have the software with updated database. The server should identify clients by their login credentials. Input: User name and password, Account number Output: Access to Internet, Available balance, Account Details.

Software Requirements Specification for Inter Bank Fund Transfer in Distributed Network

4.2

Page 6

Transfer Request: 4.2.1

Description and Priority: This is used by the user to create a fund transfer request from one bank to another bank in a distributed network. It provides the facilities to initiate the transfer.

4.2.2

Stimulus/response sequences: The response/stimulus for the different classes of users are: 

4.3

Users: Initiate how much fund is to be transferred from the bank and to which bank the funds are to be transferred.

View Account Details: 4.3.1

Description and Priority: This is designed to help the user to view their account details like account balance, history of fund transactions, account credentials etc. It also provides facilities to the user to change account login password.

4.3.2

Stimulus/response sequences: The response/stimulus for the different classes of users are: 

Users: See Account Details, change login password, view history of transactions etc.



Administrator: Validate password change request from the user and implement it.

5.

Other Nonfunctional Requirements

5.1

Performance Requirements

Higher speed internet connections in banks involved in a given transaction will ensure faster transactions. Base speed of 2Mbps is expected for the establishment of a secure connection.

Software Requirements Specification for Inter Bank Fund Transfer in Distributed Network

5.2

Page 7

Safety Requirements

Everybody should not be able to use the software so the bank employees are provided with login credentials for logging into the software. Every bank employee should not be able to access every account so every customer/client is also provided with login credentials. When these two are available, then a transaction can take place.

5.3

Security Requirements

For security the software uses RSA encryption giving a private and a public key to each bank. A random number is generated for every transaction and then based on the session key and the public key a checking operation is done. If the keys match, then connection is established.

5.4

Software Quality Attributes

The software is very easy to use and user friendly. When installed properly the software is expected to operate in a foolproof manner. The software can be used by any financial institution provided they are registered in the software’s database and have their public and private key. People who can use computer applications should be able to handle the software to a considerable extent. The software can be used as and when the firm requires. Using the software does not require any extra learning on the employee’s or client’s part.

5.5

Business Rules

In case of a mismanagement in transaction the assigned administrator in every bank has the capacity to terminate the faulty transaction.

6.

Other Requirements

The institutions using the software should assign administrators who will act like superusers and have special privileges like creating accounts for new clients and bank employees, terminating faulty transactions etc. The banks using the software for interbank fund transfer should have mutual understanding between them and the software provider in case of any failures and should cooperate to rectify the fault and close the loophole in the security of the system.