INTRODUCTION

What is cloud computing?

Cloud computing is the use of computing resources (hardware and

software) that are delivered as a service over a network (typically the Internet). The
name comes from the common use of a cloud-shaped symbol as an abstraction for
the complex infrastructure it contains in system diagrams. Cloud computing
entrusts remote services with a user's data, software and computation. Cloud
computing consists of hardware and software resources made available on the
Internet as managed third-party services. These services typically provide access to
advanced software applications and high-end networks of server computers.

Structure of cloud computing

How Cloud Computing Works?

The goal of cloud computing is to apply traditional supercomputing, or high-

performance computing power, normally used by military and research facilities,
to perform tens of trillions of computations per second, in consumer-oriented
applications such as financial portfolios, to deliver personalized information, to
provide data storage or to power large, immersive computer games.
The cloud computing uses networks of large groups of servers typically running
low-cost consumer PC technology with specialized connections to spread data-
processing chores across them. This shared IT infrastructure contains large pools
of systems that are linked together. Often, virtualization techniques are used to
maximize the power of cloud computing.

Characteristics and Services Models:

The salient characteristics of cloud computing based on the definitions

provided by the National Institute of Standards and Terminology (NIST) are
outlined below:

 On-demand self-service: A consumer can unilaterally provision computing

capabilities, such as server time and network storage, as needed
automatically without requiring human interaction with each service’s
provider.
 Broad network access: Capabilities are available over the network and
accessed through standard mechanisms that promote use by heterogeneous
thin or thick client platforms (e.g., mobile phones, laptops, and PDAs).
 Resource pooling: The provider’s computing resources are pooled to serve
multiple consumers using a multi-tenant model, with different physical and
virtual resources dynamically assigned and reassigned according to
consumer demand. There is a sense of location-independence in that the
customer generally has no control or knowledge over the exact location of
the provided resources but may be able to specify location at a higher level
 of abstraction (e.g., country, state, or data center). Examples of resources
include storage, processing, memory, network bandwidth, and virtual
machines.
 Rapid elasticity: Capabilities can be rapidly and elastically provisioned, in
some cases automatically, to quickly scale out and rapidly released to
quickly scale in. To the consumer, the capabilities available for provisioning
often appear to be unlimited and can be purchased in any quantity at any
time.
 Measured service: Cloud systems automatically control and optimize
resource use by leveraging a metering capability at some level of abstraction
appropriate to the type of service (e.g., storage, processing, bandwidth, and
active user accounts). Resource usage can be managed, controlled, and
reported providing transparency for both the provider and consumer of the
utilized service.

Characteristics of cloud computing

Services Models:
 Cloud Computing comprises three different service models, namely
Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-
a-Service (SaaS). The three service models or layer are completed by an end user
layer that encapsulates the end user perspective on cloud services. The model is
shown in figure below. If a cloud user accesses services on the infrastructure layer,
for instance, she can run her own applications on the resources of a cloud
infrastructure and remain responsible for the support, maintenance, and security of
these applications herself. If she accesses a service on the application layer, these
tasks are normally taken care of by the cloud service provider.

Structure of service models

Benefits of cloud computing:

1. Achieve economies of scale – increase volume output or productivity with

fewer people. Your cost per unit, project or product plummets.
 2. Reduce spending on technology infrastructure. Maintain easy access to
your information with minimal upfront spending. Pay as you go (weekly,
quarterly or yearly), based on demand.
3. Globalize your workforce on the cheap. People worldwide can access the
cloud, provided they have an Internet connection.
4. Streamline processes. Get more work done in less time with less people.
5. Reduce capital costs. There’s no need to spend big money on hardware,
software or licensing fees.
6. Improve accessibility. You have access anytime, anywhere, making your
life so much easier!
7. Monitor projects more effectively. Stay within budget and ahead of
completion cycle times.
8. Less personnel training is needed. It takes fewer people to do more work
on a cloud, with a minimal learning curve on hardware and software issues.
9. Minimize licensing new software. Stretch and grow without the need to
buy expensive software licenses or programs.
10.Improve flexibility. You can change direction without serious “people” or
“financial” issues at stake.

Advantages:

1. Price:Pay for only the resources used.

2. Security: Cloud instances are isolated in the network from other instances
for improved security.
3. Performance: Instances can be added instantly for improved performance.
Clients have access to the total resources of the Cloud’s core hardware.
4. Scalability: Auto-deploy cloud instances when needed.
 5. Uptime: Uses multiple servers for maximum redundancies. In case of server
failure, instances can be automatically created on another server.
6. Control: Able to login from any location. Server snapshot and a software
library lets you deploy custom instances.
7. Traffic: Deals with spike in traffic with quick deployment of additional
instances to handle the load.

ABSTRACT

Cloud computing has generated much interest in the research community in recent
years for its many advantages, but has also raise security and privacy concerns.
The storage and access of confidential documents have been identified as one of
the central problems in the area. In particular, many researchers investigated
solutions to search over encrypted documents stored on remote cloud servers.
While many schemes have been proposed to perform conjunctive keyword search,
less attention has been noted on more specialized searching techniques. In this
paper, we present a phrase search technique based on Bloom filters that is
significantly faster than existing solutions, with similar or better storage and
communication cost. Our technique uses a series of n-gram filters to support the
functionality. The scheme exhibits a trade-off between storage and false positive
rate, and is adaptable to defend against inclusion-relation attacks. A design
approach based on an application’s target false positive rate is also described.

SYSTEM ANALYSIS
EXISTING SYSTEM:

 Boneh et al. proposed one of the earliest works on keyword searching. Their
scheme uses public key encryption to allow keywords to be searchable
without revealing data content.
 Waters et al. investigated the problem for searching over encrypted audit
logs. Many of the early works focused on single keyword searches.
 Recently, researchers have proposed solutions on conjunctive keyword
search, which involves multiple keywords.
 Other interesting problems, such as the ranking of search results and
searching with keywords that might contain errors termed fuzzy keyword
search, have also been considered. The ability to search for phrases was also
recently investigated.
 Some of the existing system has examined the security of the proposed
solutions and, where flaws were found, solutions were proposed

DISADVANTAGES OF EXISTING SYSTEM:

  The cloud can read any data it desired, providing no privacy to its users. The
storage of private keys and encrypted data by the cloud provider is also
problematic in case of data breach.
 By recognizing the almost exponential distribution of keywords, the entries
in the keyword location tables are split into pairs to achieve normalization
without the high cost of storing unused random data. However, the use of
encrypted indexes and the need to perform client-side encryption and
decryption may still be computationally expensive in certain applications.
 Its space-efficiency comes at the cost of requiring a brute force location
verification during phrase search. Since all potential locations of the
keywords must be verified, the amount of computation required grows
proportionally to the file size. As a result, the scheme exhibits a high
processing time.

PROPOSED SYSTEM:

 In this paper, we present a phrase search scheme which achieves a much

faster response time than existing solutions. The scheme is also scalable,
where documents can easily be removed and added to the corpus. We also
describe modifications to the scheme to lower storage cost at a small cost in
response time and to defend against cloud providers with statistical
knowledge on stored data.
 Although phrase searches are processed independently using our technique,
they are typically a specialized function in a keyword search scheme, where
the primary function is to provide conjunctive keyword searches. Therefore,
 we describe both the basic conjunctive keyword search algorithm and the
basic phrase search algorithm along with design techniques.

ADVANTAGES OF PROPOSED SYSTEM:

 Our framework differs from some of the earlier works, where keywords
generally consist of meta-data rather than content of the files and where a
trusted key escrow authority is used due to the use of Identity based
encryption.
 When compared to recent works, where an organization wishes to outsource
computing resources to a cloud storage provider and enable search for its
employees, where the aim is to return properly ranked files. Most other
recent works related to search over encrypted data have considered similar
models such as, where the client acts as both data owner and user.

IMPLEMENTATION

MODULES:

 System Framework
 Data Owner
 Data User
 Cloud Server

MODULES DESCRIPTION:

System Framework:
In this framework, we designed a standard keyword search protocol. During setup,
the data owner generates the required encryption keys for hashing and encryption
operations. Then, all documents in the database are parsed for keywords. Bloom
filters tied to hashed keywords and n-grams are attached. The documents are then
symmetrically encrypted and uploaded to the cloud server. To add files to the
database, the data owner parses the files as in setup and uploads them with Bloom
filters attached to the cloud server. To remove a file from the data, the data owner
simply sends the request to the cloud server, who removes the file along with the
attached Bloom filters. To perform a search, the data user enters keyword then it
computes and sends a trapdoor encryption of the queried keywords to the cloud to
initiate a protocol and returns accurate file. Here we implement some modules they
are Data Owner, Data User and Cloud Server.

Data Owner:

In Data Owner module, Initially Data Owner must have to register their detail and
after login he/she has to verify their login through OTP. Then data Owner can
upload files into cloud server with encrypted keywords and hashing algorithms.
He/she can view the files that are uploaded in cloud. Data Owner can approve or
reject the file request sent by data users.

Data User:

In Data User module, Initially Data Users must have to register their detail and
then login into cloud. Data Users can search all the files upload by data owners.
He/she can send request to the files and then request will send to the data owners.
If data owner approve the request then he/she will receive the decryption key in
registered mail

Cloud Server:
In this module, we develop Cloud Server module. In Cloud Server module, Cloud
Provider can view all the Data owners and data users’ details. CP can able see the
files in cloud uploaded by the data owners.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS:

• System : Pentium IV 2.4 GHz.

• Hard Disk : 40 GB.
• Floppy Drive : 1.44 Mb.
• Monitor : 15 VGA Colour.
• Mouse : Logitech.
• Ram : 512 Mb.

SOFTWARE REQUIREMENTS:

• Operating system : - Windows XP/7.

• Coding Language : JAVA/J2EE
• Data Base : MYSQL

SYSTEM STUDY

FEASIBILITY STUDY
 The feasibility of the project is analyzed in this phase and business
proposal is put forth with a very general plan for the project and some cost
estimates. During system analysis the feasibility study of the proposed system is to
be carried out. This is to ensure that the proposed system is not a burden to the
company. For feasibility analysis, some understanding of the major requirements
for the system is essential.

Three key considerations involved in the feasibility analysis are

 ECONOMICAL FEASIBILITY
 TECHNICAL FEASIBILITY
 SOCIAL FEASIBILITY

ECONOMICAL FEASIBILITY

This study is carried out to check the economic impact that the system will
have on the organization. The amount of fund that the company can pour into the
research and development of the system is limited. The expenditures must be
justified. Thus the developed system as well within the budget and this was
achieved because most of the technologies used are freely available. Only the
customized products had to be purchased.
TECHNICAL FEASIBILITY

This study is carried out to check the technical feasibility, that is, the
technical requirements of the system. Any system developed must not have a high
demand on the available technical resources. This will lead to high demands on the
available technical resources. This will lead to high demands being placed on the
client. The developed system must have a modest requirement, as only minimal or
null changes are required for implementing this system.

SOCIAL FEASIBILITY

The aspect of study is to check the level of acceptance of the system by the
user. This includes the process of training the user to use the system efficiently.
The user must not feel threatened by the system, instead must accept it as a
necessity. The level of acceptance by the users solely depends on the methods that
are employed to educate the user about the system and to make him familiar with
it. His level of confidence must be raised so that he is also able to make some
constructive criticism, which is welcomed, as he is the final user of the system.

LITERATURE SURVEY

1) Public Key Encryption with keyword Search

AUTHORS: Dan Boneh and Giovanni Di Crescenzo

We study the problem of searching on data that is encrypted using a public key
system. Consider user Bob who sends email to user Alice encrypted under Alice’s
public key. An email gateway wants to test whether the email contains the
keyword “urgent” so that it could route the email accordingly. Alice, on the other
hand does not wish to give the gateway the ability to decrypt all her messages. We
define and construct a mechanism that enables Alice to provide a key to the
gateway that enables the gateway to test whether the word “urgent” is a keyword in
the email without learning anything else about the email. We refer to this
mechanism as Public Key Encryption with keyword Search. As another example,
consider a mail server that stores various messages publicly encrypted for Alice by
others. Using our mechanism Alice can send the mail server a key that will enable
the server to identify all messages containing some specific keyword, but learn
nothing else. We define the concept of public key encryption with keyword search
and give several constructions.

2) Building an Encrypted and Searchable Audit Log

AUTHORS: Brent R. Waters, Dirk Balfanz, Glenn Durfee and D. K. Smetters

Audit logs are an important part of any secure system, and they need to be
carefully designed in order to give a faithful representation of past system activity.
This is especially true in the presence of adversaries who might want to tamper
with the audit logs. While it is important that auditors can inspect audit logs to
assess past system activity, the content of an audit log may contain sensitive
information, and should therefore be protected from unauthorized parties.
Protecting the contents of audit logs from unauthorized parties (i.e., encrypting it),
while making it efficiently searchable by authorized auditors poses a problem. We
describe an approach for constructing searchable encrypted audit logs which can be
combined with any number of existing approaches for creating tamper-resistant
logs. In particular, we implemented an audit log for database queries that uses hash
chains for integrity protection and identity based encryption with extracted
keywords to enable searching on the encrypted log. Our technique for keyword
search on encrypted data has wide application beyond searchable audit logs

3) Secure Conjunctive Keyword Searches for Unstructured Text

AUTHORS: Florian Kerschbaum

There are a number of searchable encryption schemes that allow secure
conjunctive keyword searches over encrypted data, but all of them assume that the
position of the keywords is known. This is a pity, since in unstructured text, e.g.
the body of an e-mail, this position is unknown and one has to construct O(mn)
search tokens for n keywords in a text of length m. In this paper we present a
searchable encryption scheme that allows conjunctive keyword searches without
specifying the position requiring only one search token with constant ciphertext
length. We prove the security of our scheme using the external Diffie-Hellman
assumption in the random oracle model.

4) Achieving effective cloud search services: multi-keyword ranked search

over encrypted cloud data supporting synonym query
AUTHORS: Zhangjie Fu, Xingming Sun, Nigel Linge
Abstract: In recent years, consumer-centric cloud computing paradigm has
emerged as the development of smart electronic devices combined with the
emerging cloud computing technologies. A variety of cloud services are delivered
to the consumers with the premise that an effective and efficient cloud search
service is achieved. For consumers, they want to find the most relevant products or
data, which is highly desirable in the "pay-as-you use" cloud computing paradigm.
As sensitive data (such as photo albums, emails, personal health records, financial
records, etc.) are encrypted before outsourcing to cloud, traditional keyword search
techniques are useless. Meanwhile, existing search approaches over encrypted
cloud data support only exact or fuzzy keyword search, but not semantics-based
multi-keyword ranked search. Therefore, how to enable an effective searchable
system with support of ranked search remains a very challenging problem. This
paper proposes an effective approach to solve the problem of multi-keyword
ranked search over encrypted cloud data supporting synonym queries. The main
contribution of this paper is summarized in two aspects: multi-keyword ranked
search to achieve more accurate search results and synonym-based search to
support synonym queries. Extensive experiments on real-world dataset were
performed to validate the approach, showing that the proposed solution is very
effective and efficient for multikeyword ranked searching in a cloud environment.

5) Difference Set Attacks on Conjunctive Keyword Search Schemes

AUTHORS: Hyun Sook Rhee, Ik Rae Jeong, Jin Wook Byun, Dong Hoon Lee
In a keyword search scheme a user stores encrypted data on an untrusted server
and gives a database manager a capability for a keyword which enables a database
manager to find encrypted data containing the keyword without revealing the
keyword to the database manager. Conjunctive keyword search scheme enables a
user to obtain data containing all of several keywords through only one query. One
of the security requirements of conjunctive keyword search schemes is that a
malicious adversary should not be able to generate new valid capabilities from the
observed capabilities. In this paper we show that conjunctive keyword search
schemes are not secure. In particular, given two capabilities corresponding two sets
of keywords, an adversary is able to generate a new capability corresponding to the
difference set of two keywords sets.

SYSTEM DESIGN
SYSTEM ARCHITECTURE:
 UML DIAGRAMS

UML stands for Unified Modeling Language. UML is a standardized

general-purpose modeling language in the field of object-oriented software
engineering. The standard is managed, and was created by, the Object
Management Group.
The goal is for UML to become a common language for creating models of
object oriented computer software. In its current form UML is comprised of two
major components: a Meta-model and a notation. In the future, some form of
method or process may also be added to; or associated with, UML.
The Unified Modeling Language is a standard language for specifying,
Visualization, Constructing and documenting the artifacts of software system, as
well as for business modeling and other non-software systems.
The UML represents a collection of best engineering practices that have
proven successful in the modeling of large and complex systems.
 The UML is a very important part of developing objects oriented software
and the software development process. The UML uses mostly graphical notations
to express the design of software projects.

GOALS:
The Primary goals in the design of the UML are as follows:
1. Provide users a ready-to-use, expressive visual modeling Language so that
they can develop and exchange meaningful models.
2. Provide extendibility and specialization mechanisms to extend the core
concepts.
3. Be independent of particular programming languages and development
process.
4. Provide a formal basis for understanding the modeling language.
5. Encourage the growth of OO tools market.
6. Support higher level development concepts such as collaborations,
frameworks, patterns and components.
7. Integrate best practices.
USE CASE DIAGRAM:

A use case diagram in the Unified Modeling Language (UML) is a type of

behavioral diagram defined by and created from a Use-case analysis. Its purpose is
to present a graphical overview of the functionality provided by a system in terms
of actors, their goals (represented as use cases), and any dependencies between
those use cases. The main purpose of a use case diagram is to show what system
functions are performed for which actor. Roles of the actors in the system can be
depicted.
 Registration

Login

Upload File

View Uploaded Files Details

Data Owner File Request Data User

Response Request of User

View uploaded file by Data Owners

View User & Owner Details

View Requested File

 Download File

Verify key and Download

Cloud

Logout

CLASS DIAGRAM:
In software engineering, a class diagram in the Unified Modeling Language
(UML) is a type of static structure diagram that describes the structure of a system
by showing the system's classes, their attributes, operations (or methods), and the
relationships among the classes. It explains which class contains information.

Data User
Data Owner
Login Login

View Files
Search uploaded by Data
Files()
Upload Files ()
Owners()
View Files uploaded by Data
View Uploaded Files ()
Send File Request ()
Owners()
View File Request by Users ()
VerifyFile
Send keyRequest
Sent by()data Owner ()
Approve File Request ()
View requested
Verify key Sent by
File()
data Owner ()

View requested File()

SEQUENCE DIAGRAM:

A sequence diagram in Unified Modeling Language (UML) is a kind of interaction

diagram that shows how processes operate with one another and in what order. It is
a construct of a Message Sequence Chart. Sequence diagrams are sometimes called
event diagrams, event scenarios, and timing diagrams.
 SERVICE

Cloud
DO DU
Upload File
Search Files

View User & Owner

View Upload File Details Send File Request
Details

Request Approval
Enter Decryption key and
Verify

View Requested File

 Download Requested File

View Uploaded Files

on Cloud Servers

ACTIVITY DIAGRAM:

Activity diagrams are graphical representations of workflows of stepwise activities

and actions with support for choice, iteration and concurrency. In the Unified
Modeling Language, activity diagrams can be used to describe the business and
operational step-by-step workflows of components in a system. An activity
diagram shows the overall flow of control.
 Star
t

DO DU
SOFTWARE ENVIRONMENT Cloud

LOGIN LOGIN LOGIN

Java Technology
Upload Files ,View
Uploaded Files ,Response
Request to the Users,
Java technology is both a
Search files, View View User Details ,View
Searched files, View Files Owners Details, View
uploaded by Data Owners, Uploaded Files on Cloud
programming language and a platform.
Send File Request , Verify Server.
key Sent by data Owner,
View requested File
The Java Programming Language
The Java programming language is a high-level language that can be
characterized by all of the following buzzwords:

 Simple
 Architecture neutral
 Object oriented
 Portable
 Distributed
 High performance
 Interpreted
 Multithreaded
 Robust
 Dynamic
 Secure

With most programming languages, you either compile or interpret a

program so that you can run it on your computer. The Java programming
language is unusual in that a program is both compiled and interpreted. With the
compiler, first you translate a program into an intermediate language called Java
byte codes —the platform-independent codes interpreted by the interpreter on the
Java platform. The interpreter parses and runs each Java byte code instruction on
the computer. Compilation happens just once; interpretation occurs each time the
program is executed. The following figure illustrates how this works.
 You can think of Java byte codes as the machine code instructions for the
Java Virtual Machine (Java VM). Every Java interpreter, whether it’s a
development tool or a Web browser that can run applets, is an implementation of
the Java VM. Java byte codes help make “write once, run anywhere” possible. You
can compile your program into byte codes on any platform that has a Java
compiler. The byte codes can then be run on any implementation of the Java VM.
That means that as long as a computer has a Java VM, the same program written in
the Java programming language can run on Windows 2000, a Solaris workstation,
or on an iMac.
The Java Platform
A platform is the hardware or software environment in which a
program runs. We’ve already mentioned some of the most popular platforms
like Windows 2000, Linux, Solaris, and MacOS. Most platforms can be
described as a combination of the operating system and hardware. The Java
platform differs from most other platforms in that it’s a software-only
platform that runs on top of other hardware-based platforms.

The Java platform has two components:

 The Java Virtual Machine (Java VM)
 The Java Application Programming Interface (Java API)
You’ve already been introduced to the Java VM. It’s the base for the Java
platform and is ported onto various hardware-based platforms.

The Java API is a large collection of ready-made software components

that provide many useful capabilities, such as graphical user interface
(GUI) widgets. The Java API is grouped into libraries of related classes and
interfaces; these libraries are known as packages. The next section, What
Can Java Technology Do? Highlights what functionality some of the
packages in the Java API provide.
The following figure depicts a program that’s running on the Java
platform. As the figure shows, the Java API and the virtual machine insulate
the program from the hardware.
 Native code is code that after you compile it, the compiled code runs
on a specific hardware platform. As a platform-independent environment,
the Java platform can be a bit slower than native code. However, smart
compilers, well-tuned interpreters, and just-in-time byte code compilers can
bring performance close to that of native code without threatening
portability.
What Can Java Technology Do?
The most common types of programs written in the Java programming
language are applets and applications. If you’ve surfed the Web, you’re
probably already familiar with applets. An applet is a program that adheres
to certain conventions that allow it to run within a Java-enabled browser.

However, the Java programming language is not just for writing cute,
entertaining applets for the Web. The general-purpose, high-level Java
programming language is also a powerful software platform. Using the
generous API, you can write many types of programs.
An application is a standalone program that runs directly on the Java
platform. A special kind of application known as a server serves and
supports clients on a network. Examples of servers are Web servers, proxy
servers, mail servers, and print servers. Another specialized program is a
servlet. A servlet can almost be thought of as an applet that runs on the
server side. Java Servlets are a popular choice for building interactive web
applications, replacing the use of CGI scripts. Servlets are similar to applets
in that they are runtime extensions of applications. Instead of working in
browsers, though, servlets run within Java Web servers, configuring or
tailoring the server.
How does the API support all these kinds of programs? It does so with
packages of software components that provides a wide range of
functionality. Every full implementation of the Java platform gives you the
following features:
 The essentials: Objects, strings, threads, numbers, input and output, data
structures, system properties, date and time, and so on.
 Applets: The set of conventions used by applets.
 Networking: URLs, TCP (Transmission Control Protocol), UDP (User
Data gram Protocol) sockets, and IP (Internet Protocol) addresses.
 Internationalization: Help for writing programs that can be localized for
users worldwide. Programs can automatically adapt to specific locales
and be displayed in the appropriate language.
 Security: Both low level and high level, including electronic signatures,
public and private key management, access control, and certificates.
 Software components: Known as JavaBeansTM, can plug into existing
component architectures.
 Object serialization: Allows lightweight persistence and communication
via Remote Method Invocation (RMI).
 Java Database Connectivity (JDBCTM): Provides uniform access to a wide
range of relational databases.
The Java platform also has APIs for 2D and 3D graphics, accessibility,
servers, collaboration, telephony, speech, animation, and more. The
following figure depicts what is included in the Java 2 SDK.
How Will Java Technology Change My Life?
We can’t promise you fame, fortune, or even a job if you learn the Java
programming language. Still, it is likely to make your programs better and
requires less effort than other languages. We believe that Java technology
will help you do the following:
 Get started quickly: Although the Java programming language is a
powerful object-oriented language, it’s easy to learn, especially for
programmers already familiar with C or C++.
 Write less code: Comparisons of program metrics (class counts, method
counts, and so on) suggest that a program written in the Java
programming language can be four times smaller than the same
program in C++.
 Write better code: The Java programming language encourages good
coding practices, and its garbage collection helps you avoid memory
leaks. Its object orientation, its JavaBeans component architecture,
and its wide-ranging, easily extendible API let you reuse other
people’s tested code and introduce fewer bugs.
  Develop programs more quickly: Your development time may be as much
as twice as fast versus writing the same program in C++. Why? You
write fewer lines of code and it is a simpler programming language
than C++.
 Avoid platform dependencies with 100% Pure Java: You can keep your
program portable by avoiding the use of libraries written in other
languages. The 100% Pure JavaTM Product Certification Program has a
repository of historical process manuals, white papers, brochures, and
similar materials online.
 Write once, run anywhere: Because 100% Pure Java programs are
compiled into machine-independent byte codes, they run consistently
on any Java platform.
 Distribute software more easily: You can upgrade applets easily from a
central server. Applets take advantage of the feature of allowing new
classes to be loaded “on the fly,” without recompiling the entire
program.
ODBC
Microsoft Open Database Connectivity (ODBC) is a standard programming
interface for application developers and database systems providers. Before
ODBC became a de facto standard for Windows programs to interface with
database systems, programmers had to use proprietary languages for each
database they wanted to connect to. Now, ODBC has made the choice of the
database system almost irrelevant from a coding perspective, which is as it should
be. Application developers have much more important things to worry about than
the syntax that is needed to port their program from one database to another when
business needs suddenly change.
 Through the ODBC Administrator in Control Panel, you can specify the
particular database that is associated with a data source that an ODBC
application program is written to use. Think of an ODBC data source as a door
with a name on it. Each door will lead you to a particular database. For example,
the data source named Sales Figures might be a SQL Server database, whereas the
Accounts Payable data source could refer to an Access database. The physical
database referred to by a data source can reside anywhere on the LAN.
The ODBC system files are not installed on your system by Windows 95.
Rather, they are installed when you setup a separate database application, such as
SQL Server Client or Visual Basic 4.0. When the ODBC icon is installed in
Control Panel, it uses a file called ODBCINST.DLL. It is also possible to
administer your ODBC data sources through a stand-alone program called
ODBCADM.EXE. There is a 16-bit and a 32-bit version of this program and each
maintains a separate list of ODBC data sources.

From a programming perspective, the beauty of ODBC is that the

application can be written to use the same set of function calls to interface with
any data source, regardless of the database vendor. The source code of the
application doesn’t change whether it talks to Oracle or SQL Server. We only
mention these two as an example. There are ODBC drivers available for several
dozen popular database systems. Even Excel spreadsheets and plain text files can
be turned into data sources. The operating system uses the Registry information
written by ODBC Administrator to determine which low-level ODBC drivers are
needed to talk to the data source (such as the interface to Oracle or SQL Server).
The loading of the ODBC drivers is transparent to the ODBC application
program. In a client/server environment, the ODBC API even handles many of the
network issues for the application programmer.
The advantages of this scheme are so numerous that you are probably
thinking there must be some catch. The only disadvantage of ODBC is that it isn’t
as efficient as talking directly to the native database interface. ODBC has had
many detractors make the charge that it is too slow. Microsoft has always claimed
that the critical factor in performance is the quality of the driver software that is
used. In our humble opinion, this is true. The availability of good ODBC drivers
has improved a great deal recently. And anyway, the criticism about performance
is somewhat analogous to those who said that compilers would never match the
speed of pure assembly language. Maybe not, but the compiler (or ODBC) gives
you the opportunity to write cleaner programs, which means you finish sooner.
Meanwhile, computers get faster every year.

JDBC
In an effort to set an independent database standard API for Java; Sun
Microsystems developed Java Database Connectivity, or JDBC. JDBC offers a
generic SQL database access mechanism that provides a consistent interface to a
variety of RDBMSs. This consistent interface is achieved through the use of “plug-
in” database connectivity modules, or drivers. If a database vendor wishes to have
JDBC support, he or she must provide the driver for each platform that the
database and Java run on.
To gain a wider acceptance of JDBC, Sun based JDBC’s framework on
ODBC. As you discovered earlier in this chapter, ODBC has widespread support
on a variety of platforms. Basing JDBC on ODBC will allow vendors to bring
JDBC drivers to market much faster than developing a completely new
connectivity solution.
 JDBC was announced in March of 1996. It was released for a 90 day public
review that ended June 8, 1996. Because of user input, the final JDBC v1.0
specification was released soon after.
The remainder of this section will cover enough information about JDBC for you
to know what it is about and how to use it effectively. This is by no means a
complete overview of JDBC. That would fill an entire book.

JDBC Goals
Few software packages are designed without goals in mind. JDBC is one
that, because of its many goals, drove the development of the API. These goals, in
conjunction with early reviewer feedback, have finalized the JDBC class library
into a solid framework for building database applications in Java.
The goals that were set for JDBC are important. They will give you some
insight as to why certain classes and functionalities behave the way they do. The
eight design goals for JDBC are as follows:

1. SQL Level API

The designers felt that their main goal was to define a SQL interface for
Java. Although not the lowest database interface level possible, it is at a low
enough level for higher-level tools and APIs to be created. Conversely, it is at a
high enough level for application programmers to use it confidently. Attaining
this goal allows for future tool vendors to “generate” JDBC code and to hide
many of JDBC’s complexities from the end user.

2. SQL Conformance
SQL syntax varies as you move from database vendor to database vendor. In
an effort to support a wide variety of vendors, JDBC will allow any query
statement to be passed through it to the underlying database driver. This allows
the connectivity module to handle non-standard functionality in a manner that is
suitable for its users.

3. JDBC must be implemental on top of common database interfaces

The JDBC SQL API must “sit” on top of other common SQL level APIs.
This goal allows JDBC to use existing ODBC level drivers by the use of a
software interface. This interface would translate JDBC calls to ODBC and
vice versa.
4. Provide a Java interface that is consistent with the rest of the Java system
Because of Java’s acceptance in the user community thus far, the designers
feel that they should not stray from the current design of the core Java system.

5. Keep it simple
This goal probably appears in all software design goal listings. JDBC is no
exception. Sun felt that the design of JDBC should be very simple, allowing for
only one method of completing a task per mechanism. Allowing duplicate
functionality only serves to confuse the users of the API.

6. Use strong, static typing wherever possible

Strong typing allows for more error checking to be done at compile time;
also, less error appear at runtime.

7. Keep the common cases simple

Because more often than not, the usual SQL calls used by the programmer
are simple SELECT’s, INSERT’s, DELETE’s and UPDATE’s, these queries
should be simple to perform with JDBC. However, more complex SQL
statements should also be possible.
 Finally we decided to proceed the implementation using Java Networking.

And for dynamically updating the cache table we go for MS Access

database.

Java ha two things: a programming language and a platform.

Java is a high-level programming language that is all of the
following

Simple Architecture-neutral
Object-oriented Portable
Distributed High-performance
Interpreted multithreaded
Robust Dynamic
Secure

Java is also unusual in that each Java program is both compiled and
interpreted. With a compile you translate a Java program into an
intermediate language called Java byte codes the platform-independent
code instruction is passed and run on the computer.

Compilation happens just once; interpretation occurs each time the

program is executed. The figure illustrates how this works.
 Java Program Interpreter

Compilers My Program

You can think of Java byte codes as the machine code instructions for
the Java Virtual Machine (Java VM). Every Java interpreter, whether it’s
a Java development tool or a Web browser that can run Java applets, is an
implementation of the Java VM. The Java VM can also be implemented
in hardware.

Java byte codes help make “write once, run anywhere” possible. You
can compile your Java program into byte codes on my platform that has a
Java compiler. The byte codes can then be run any implementation of the
Java VM. For example, the same Java program can run Windows NT,
Solaris, and Macintosh.

SYSTEM TESTING
 The purpose of testing is to discover errors. Testing is the process of trying
to discover every conceivable fault or weakness in a work product. It provides a
way to check the functionality of components, sub assemblies, assemblies and/or a
finished product It is the process of exercising software with the intent of ensuring
that the

Software system meets its requirements and user expectations and does not fail in
an unacceptable manner. There are various types of test. Each test type addresses a
specific testing requirement.

TYPES OF TESTS

Unit testing
Unit testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program inputs produce valid
outputs. All decision branches and internal code flow should be validated. It is the
testing of individual software units of the application .it is done after the
completion of an individual unit before integration. This is a structural testing, that
relies on knowledge of its construction and is invasive. Unit tests perform basic
tests at component level and test a specific business process, application, and/or
system configuration. Unit tests ensure that each unique path of a business process
performs accurately to the documented specifications and contains clearly defined
inputs and expected results.
Integration testing

Integration tests are designed to test integrated software components to

determine if they actually run as one program. Testing is event driven and is more
concerned with the basic outcome of screens or fields. Integration tests
demonstrate that although the components were individually satisfaction, as shown
by successfully unit testing, the combination of components is correct and
consistent. Integration testing is specifically aimed at exposing the problems that
arise from the combination of components.

Functional test

Functional tests provide systematic demonstrations that functions tested are

available as specified by the business and technical requirements, system
documentation, and user manuals.

Functional testing is centered on the following items:

Valid Input : identified classes of valid input must be accepted.

Invalid Input : identified classes of invalid input must be rejected.

Functions : identified functions must be exercised.

Output : identified classes of application outputs must be exercised.

Systems/Procedures: interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements, key

functions, or special test cases. In addition, systematic coverage pertaining to
identify Business process flows; data fields, predefined processes, and successive
processes must be considered for testing. Before functional testing is complete,
additional tests are identified and the effective value of current tests is determined.

System Test
System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable results. An
example of system testing is the configuration oriented system integration test.
System testing is based on process descriptions and flows, emphasizing pre-driven
process links and integration points.

White Box Testing

White Box Testing is a testing in which in which the software tester has
knowledge of the inner workings, structure and language of the software, or at least
its purpose. It is purpose. It is used to test areas that cannot be reached from a black
box level.

Black Box Testing

Black Box Testing is testing the software without any knowledge of the inner
workings, structure or language of the module being tested. Black box tests, as
most other kinds of tests, must be written from a definitive source document, such
as specification or requirements document, such as specification or requirements
document. It is a testing in which the software under test is treated, as a black box
.you cannot “see” into it. The test provides inputs and responds to outputs without
considering how the software works.

6.1 Unit Testing:

Unit testing is usually conducted as part of a combined code and unit test
phase of the software lifecycle, although it is not uncommon for coding and unit
testing to be conducted as two distinct phases.

Test strategy and approach

Field testing will be performed manually and functional tests will be written
in detail.

Test objectives
 All field entries must work properly.
 Pages must be activated from the identified link.
 The entry screen, messages and responses must not be delayed.

Features to be tested
 Verify that the entries are of the correct format
 No duplicate entries should be allowed
  All links should take the user to the correct page.

6.2 Integration Testing

Software integration testing is the incremental integration testing of two or

more integrated software components on a single platform to produce failures
caused by interface defects.

The task of the integration test is to check that components or software

applications, e.g. components in a software system or – one step up – software
applications at the company level – interact without error.

Test Results: All the test cases mentioned above passed successfully. No defects
encountered.

6.3 Acceptance Testing

 User Acceptance Testing is a critical phase of any project and requires
significant participation by the end user. It also ensures that the system meets the
functional requirements.

Test Results: All the test cases mentioned above passed successfully. No defects
encountered.

TEST CASES

Module name: Cloud

Expected Actual
S. No Test Case Input Pass/Fail
Output Output
Check cloud Cloud
Login must
1. login username and Login success Pass
be successful
functionality password
Files from Must be Successfully
2. Store files Pass
user stored stores

Module name: Owner

S. No Test Case Input Expected Actual Pass/Fail

 Output Output
Registration
Check owner Details of Registration
1. must be Pass
registration owner success
successful
Check owner Owner
Login must
2. login username and Login success Pass
be successful
functionality password
Details Must be
Upload
3. Upload files regarding uploaded Pass
success
files successfully

Module name: User

Expected Actual
S. No Test Case Input Pass/Fail
Output Output
Registration
Check User Details of Registration
1. must be Pass
registration User success
successful
Check user User
Login must
2. login username and Login success Pass
be successful
functionality password
Must be
Download Secret key for Download
3. downloaded Pass
files file download success
successfully

SCREEN SHOTS:
Home Page
Data Owner Login
Data Owner Registration
OTP verification.
Received OTP.
OTP Verification.
Data Owner Home.
File Upload
File Upload Success
My Files

Uploaded in DriveHQ with encrypted format.

Data User Home
Search Module (with search word encryption)
Query Result
User Request Approval in Data Owner Module
After approved the Status will be Changed
Decryption Key
In Data User- Requested Files
Enters Decryption Key
Decrypted Content
Cloud Login
 CONCLUSION
In this paper, we presented a phrase search scheme based on Bloom filter that is
significantly faster than existing approaches, requiring only a single round of
communication and Bloom filter verifications. The solution addresses the high
computational cost noted in by reformulating phrase search as n-gram verification
rather than a location search or a sequential chain verification. Our schemes
consider only the existence of a phrase, omitting any information of its location.
Our schemes do not require sequential verification, is parallelizable and has a
practical storage requirement. Our approach is also the first to effectively allow
phrase search to run independently without first performing a conjunctive keyword
search to identify candidate documents. The technique of constructing a Bloom
filter index enables fast verification of Bloom filters in the same manner as
indexing. According to our experiment, it also achieves a lower storage cost than
all existing solutions except where a higher computational cost was exchanged in
favor of lower storage. While exhibiting similar communication cost to leading
existing solutions, the proposed solution can also be adjusted to achieve maximum
speed or high speed with a reasonable storage cost depending on the application.
An approach is also described to adapt the scheme to defend against inclusion-
relation attacks. Various issues on security and efficiency, such as the effect of
long phrases and precision rate, were also discussed to support our design choices

REFERENCES
[1] D. Boneh, G. D. Crescenzo, R. Ostrovsky, and G. Persiano, “Public key
encryption with keyword search,” in In proceedings of Eurocrypt, 2004, pp. 506–
522.

[2] B. Waters, D. Balfanz, G. Durfee, and D. K. Smetters, “Building an encrypted

and searchable audit log,” in Network and Distributed System Security
Symposium, 2004.
[3] M. Ding, F. Gao, Z. Jin, and H. Zhang, “An efficient public key encryption
with conjunctive keyword search scheme based on pairings,” in IEEE International
Conference onNetwork Infrastructure and Digital Content, 2012, pp. 526–530.

[4] F. Kerschbaum, “Secure conjunctive keyword searches for unstructured text,”

in International Conference on Network and System Security, 2011, pp. 285–289.

[5] C. Hu and P. Liu, “Public key encryption with ranked multikeyword search,” in
International Conference on Intelligent Networking and Collaborative Systems,
2013, pp. 109–113.

[6] Z. Fu, X. Sun, N. Linge, and L. Zhou, “Achieving effective cloud search
services: multi-keyword ranked search over encrypted cloud data supporting
synonym query,” IEEE Transactions on Consumer Electronics, vol. 60, pp. 164–
172, 2014.

[7] C. L. A. Clarke, G. V. Cormack, and E. A. Tudhope, “Relevance ranking for

one to three term queries,” Information Processing and Management: an
International Journal, vol. 36, no. 2, pp. 291–311, Jan. 2000.

[8] H. Tuo and M. Wenping, “An effective fuzzy keyword search scheme in cloud
computing,” in International Conference on Intelligent Networking and
Collaborative Systems, 2013, pp. 786–789.

[9] M. Zheng and H. Zhou, “An efficient attack on a fuzzy keyword search scheme
over encrypted data,” in International Conference on High Performance
Computing and Communications and Embedded and Ubiquitous Computing, 2013,
pp. 1647–1651.

[10] S. Zittrower and C. C. Zou, “Encrypted phrase searching in the cloud,” in

IEEE Global Communications Conference, 2012, pp. 764– 770.

[11] Y. Tang, D. Gu, N. Ding, and H. Lu, “Phrase search over encrypted data with
symmetric encryption scheme,” in International Conference on Distributed
Computing Systems Workshops, 2012, pp. 471–480.

[12] H. Poon and A. Miri, “An efficient conjunctive keyword and phrase search
scheme for encrypted cloud storage systems,” in IEEE International Conference on
Cloud Computing, 2015.

[13]“A low storage phrase search scheme based on bloom filters for encrypted
cloud services,” to appear in IEEE International Conference on Cyber Security and
Cloud Computing, 2015.
[14] H. S. Rhee, I. R. Jeong, J. W. Byun, and D. H. Lee, “Difference set attacks on
conjunctive keyword search schemes,” in Proceedings of the Third VLDB
International Conference on Secure Data Management, 2006, pp. 64–74.

[15] K. Cai, C. Hong, M. Zhang, D. Feng, and Z. Lv, “A secure conjunctive

keywords search over encrypted cloud data against inclusion-relation attack,” in
IEEE International Conference on Cloud Computing Technology and Science,
2013, pp. 339–346.
[16] Y. Yang, H. Lu, and J. Weng, “Multi-user private keyword search for cloud
computing,” in IEEE Third International Conference on Cloud Computing
Technology and Science, 2011, pp. 264–271.

[17] C. Wang, N. Cao, J. Li, K. Ren, and W. Lou, “Secure ranked keyword search
over encrypted cloud data,” in International Conference on Distributed Computing
Systems, 2010, pp. 253–262.

[18] M. T. Goodrich, M. Mitzenmacher, O. Ohrimenko, and R. Tamassia,

“Practical oblivious storage,” in Proceedings of the Second ACM Conference on
Data and Application Security and Privacy, 2012, pp. 13–24.

[19] B. Chor, O. Goldreich, E. Kushilevitz, and M. Sudan, “Private information

retrieval,” in Proceedings of the 36th Annual Symposium on Foundations of
Computer Science, 1995, pp. 41–50.

[20] S. Ruj, M. Stojmenovic, and A. Nayak, “Privacy preserving access control

with authentication for securing data in clouds,” in Proceedings of the 2012 12th
IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing,
2012, pp. 556–563.

[21] D. X. Song, D. Wagner, and A. Perrig, “Practical techniques for searches on

encrypted data,” in Proceedings of the 2000 IEEE Symposium on Security and
Privacy, 2000, pp. 44–55.

[22] E.-J. Goh, “Secure indexes,” Cryptology ePrint Archive, Report 2003/216,
2003.
[23] C. Liu, L. Zhu, L. Li, and Y. Tan, “Fuzzy keyword search on encrypted cloud
storage data with small index,” in 2011 IEEE International Conference on Cloud
Computing and Intelligence Systems, 2011, pp. 269–273.

[24] P. F. Brown, P. V. deSouza, R. L. Mercer, V. J. D. Pietra, and J. C. Lai,

“Class-based n-gram models of natural language,” Computational Linguistics, vol.
18, no. 4, pp. 467–479, 1992.

[25] D. Jurafsky and J. H. Martin, Speech and Language Processing: An

Introduction to Natural Language Processing, Speech Recognition, and
Computational Linguistics. Prentice Hall, 2009.

[26] “Project Gutenberg,” https://www.gutenberg.org/wiki/Main Page, accessed:

2014.

[27] E. L. Bird, Steven and E. Klein, Natural Language Processing with Python.
O’Reilly Media Inc, 2009.