Database encryption for a Web-based Claims System
Syed Zulkarnain Syed Idrus
MetadataShow full item record
The main purpose of this study is to develop a computer system for UniMAP staff to make claims via electronic media. The system development is based on the Treasury Circulars by the Ministry of Finance, Malaysia as well as other circulars related to it. Other important particulars had been built into the system such as salary, grade, entitlement and others. Another additional feature included is the automatic calculations. This system can also be equipped with a security tool to prevent hackers or unauthorised persons, which can be selected from the results of the security analysis. There are three categories of user involved in the development of the system. They are the Claimant, Responsibility Centre and Bursary Department. The Responsibility Centre consists of all administrative departments as well as centres of study from where the budget allocation is acquired. The development of the system begins by designing of the Process Flow Diagrams showing the steps or procedures that need to be followed in sequence respectively. All the three categories of users must follow their flow of the diagrams. Process flow is a flow that determines the movements of the forms from the moment they are submitted up to the stage where payments will be made. This process is to be followed by the designing the Data Flow Diagram and then the Database. The former specifies how the data will flow in the system, whereas the latter is for data storage where all data are kept such as login identifications, passwords, staff personal particulars, entitlements etc. The development of the Database comes in four forms namely Entity-Relationship Diagram, Hierarchical Diagram, Relational Database Diagram and Data Dictionary. Out of twenty encryption algorithms that are available in the Dynamic-Link Library (DLL), only five have been selected to go through and perform analysis for comparison in terms of its performance and compatibility with the developed system. Since this system is Web-based, staff can make claims anywhere, anytime and at any locations. This method can overcome not only human errors but also more efficient, fast and accurate. Therefore, this system can also save time, effort, and administrative costs. In this study, Active Server Pages (ASP) has been chosen to make the calculation and also to generate reports. After the system has been developed, a test was conducted using forms that have been simulated manually. The purpose is to enable the researcher to make comparison with the ones made using the developed system in order to detect errors or flaws from the manual simulation in the system. Testing was also done on the encryption algorithms and Web browsers selected by increasing both the text length size and key length size and observed its performances. Having noted its response times, an analysis was made in order to determine which encryption algorithms’ and Web browsers’ performances were most suited for the developed system and considered the best, which is lower and able to sustain its response times. The results of this study have shown that this system is able to detect all human errors in the traditional manual claim system, in which claimants have made some mistakes. On the other hand, the analysis of encryption algorithms with Web browsers, the results have shown that Twofish algorithm is best suited to the system that has been developed using ASP Web programming language on Internet Explorer. Hence, it is emphatic that all objectives that had been set at the beginning of this research have been met.