Академический Документы
Профессиональный Документы
Культура Документы
Services Models:
Cloud Computing comprises three different service models, namely
Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-
a-Service (SaaS). The three service models or layer are completed by an end user
layer that encapsulates the end user perspective on cloud services. The model is
shown in figure below. If a cloud user accesses services on the infrastructure layer,
for instance, she can run her own applications on the resources of a cloud
infrastructure and remain responsible for the support, maintenance, and security of
these applications herself. If she accesses a service on the application layer, these
tasks are normally taken care of by the cloud service provider.
Advantages:
ABSTRACT
Cloud computing has generated much interest in the research community in recent
years for its many advantages, but has also raise security and privacy concerns.
The storage and access of confidential documents have been identified as one of
the central problems in the area. In particular, many researchers investigated
solutions to search over encrypted documents stored on remote cloud servers.
While many schemes have been proposed to perform conjunctive keyword search,
less attention has been noted on more specialized searching techniques. In this
paper, we present a phrase search technique based on Bloom filters that is
significantly faster than existing solutions, with similar or better storage and
communication cost. Our technique uses a series of n-gram filters to support the
functionality. The scheme exhibits a trade-off between storage and false positive
rate, and is adaptable to defend against inclusion-relation attacks. A design
approach based on an application’s target false positive rate is also described.
SYSTEM ANALYSIS
EXISTING SYSTEM:
Boneh et al. proposed one of the earliest works on keyword searching. Their
scheme uses public key encryption to allow keywords to be searchable
without revealing data content.
Waters et al. investigated the problem for searching over encrypted audit
logs. Many of the early works focused on single keyword searches.
Recently, researchers have proposed solutions on conjunctive keyword
search, which involves multiple keywords.
Other interesting problems, such as the ranking of search results and
searching with keywords that might contain errors termed fuzzy keyword
search, have also been considered. The ability to search for phrases was also
recently investigated.
Some of the existing system has examined the security of the proposed
solutions and, where flaws were found, solutions were proposed
PROPOSED SYSTEM:
Our framework differs from some of the earlier works, where keywords
generally consist of meta-data rather than content of the files and where a
trusted key escrow authority is used due to the use of Identity based
encryption.
When compared to recent works, where an organization wishes to outsource
computing resources to a cloud storage provider and enable search for its
employees, where the aim is to return properly ranked files. Most other
recent works related to search over encrypted data have considered similar
models such as, where the client acts as both data owner and user.
IMPLEMENTATION
MODULES:
System Framework
Data Owner
Data User
Cloud Server
MODULES DESCRIPTION:
System Framework:
In this framework, we designed a standard keyword search protocol. During setup,
the data owner generates the required encryption keys for hashing and encryption
operations. Then, all documents in the database are parsed for keywords. Bloom
filters tied to hashed keywords and n-grams are attached. The documents are then
symmetrically encrypted and uploaded to the cloud server. To add files to the
database, the data owner parses the files as in setup and uploads them with Bloom
filters attached to the cloud server. To remove a file from the data, the data owner
simply sends the request to the cloud server, who removes the file along with the
attached Bloom filters. To perform a search, the data user enters keyword then it
computes and sends a trapdoor encryption of the queried keywords to the cloud to
initiate a protocol and returns accurate file. Here we implement some modules they
are Data Owner, Data User and Cloud Server.
Data Owner:
In Data Owner module, Initially Data Owner must have to register their detail and
after login he/she has to verify their login through OTP. Then data Owner can
upload files into cloud server with encrypted keywords and hashing algorithms.
He/she can view the files that are uploaded in cloud. Data Owner can approve or
reject the file request sent by data users.
Data User:
In Data User module, Initially Data Users must have to register their detail and
then login into cloud. Data Users can search all the files upload by data owners.
He/she can send request to the files and then request will send to the data owners.
If data owner approve the request then he/she will receive the decryption key in
registered mail
Cloud Server:
In this module, we develop Cloud Server module. In Cloud Server module, Cloud
Provider can view all the Data owners and data users’ details. CP can able see the
files in cloud uploaded by the data owners.
SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:
SOFTWARE REQUIREMENTS:
SYSTEM STUDY
FEASIBILITY STUDY
The feasibility of the project is analyzed in this phase and business
proposal is put forth with a very general plan for the project and some cost
estimates. During system analysis the feasibility study of the proposed system is to
be carried out. This is to ensure that the proposed system is not a burden to the
company. For feasibility analysis, some understanding of the major requirements
for the system is essential.
ECONOMICAL FEASIBILITY
TECHNICAL FEASIBILITY
SOCIAL FEASIBILITY
ECONOMICAL FEASIBILITY
This study is carried out to check the economic impact that the system will
have on the organization. The amount of fund that the company can pour into the
research and development of the system is limited. The expenditures must be
justified. Thus the developed system as well within the budget and this was
achieved because most of the technologies used are freely available. Only the
customized products had to be purchased.
TECHNICAL FEASIBILITY
This study is carried out to check the technical feasibility, that is, the
technical requirements of the system. Any system developed must not have a high
demand on the available technical resources. This will lead to high demands on the
available technical resources. This will lead to high demands being placed on the
client. The developed system must have a modest requirement, as only minimal or
null changes are required for implementing this system.
SOCIAL FEASIBILITY
The aspect of study is to check the level of acceptance of the system by the
user. This includes the process of training the user to use the system efficiently.
The user must not feel threatened by the system, instead must accept it as a
necessity. The level of acceptance by the users solely depends on the methods that
are employed to educate the user about the system and to make him familiar with
it. His level of confidence must be raised so that he is also able to make some
constructive criticism, which is welcomed, as he is the final user of the system.
LITERATURE SURVEY
We study the problem of searching on data that is encrypted using a public key
system. Consider user Bob who sends email to user Alice encrypted under Alice’s
public key. An email gateway wants to test whether the email contains the
keyword “urgent” so that it could route the email accordingly. Alice, on the other
hand does not wish to give the gateway the ability to decrypt all her messages. We
define and construct a mechanism that enables Alice to provide a key to the
gateway that enables the gateway to test whether the word “urgent” is a keyword in
the email without learning anything else about the email. We refer to this
mechanism as Public Key Encryption with keyword Search. As another example,
consider a mail server that stores various messages publicly encrypted for Alice by
others. Using our mechanism Alice can send the mail server a key that will enable
the server to identify all messages containing some specific keyword, but learn
nothing else. We define the concept of public key encryption with keyword search
and give several constructions.
AUTHORS: Hyun Sook Rhee, Ik Rae Jeong, Jin Wook Byun, Dong Hoon Lee
In a keyword search scheme a user stores encrypted data on an untrusted server
and gives a database manager a capability for a keyword which enables a database
manager to find encrypted data containing the keyword without revealing the
keyword to the database manager. Conjunctive keyword search scheme enables a
user to obtain data containing all of several keywords through only one query. One
of the security requirements of conjunctive keyword search schemes is that a
malicious adversary should not be able to generate new valid capabilities from the
observed capabilities. In this paper we show that conjunctive keyword search
schemes are not secure. In particular, given two capabilities corresponding two sets
of keywords, an adversary is able to generate a new capability corresponding to the
difference set of two keywords sets.
SYSTEM DESIGN
SYSTEM ARCHITECTURE:
UML DIAGRAMS
GOALS:
The Primary goals in the design of the UML are as follows:
1. Provide users a ready-to-use, expressive visual modeling Language so that
they can develop and exchange meaningful models.
2. Provide extendibility and specialization mechanisms to extend the core
concepts.
3. Be independent of particular programming languages and development
process.
4. Provide a formal basis for understanding the modeling language.
5. Encourage the growth of OO tools market.
6. Support higher level development concepts such as collaborations,
frameworks, patterns and components.
7. Integrate best practices.
USE CASE DIAGRAM:
Login
Upload File
Cloud
Logout
CLASS DIAGRAM:
In software engineering, a class diagram in the Unified Modeling Language
(UML) is a type of static structure diagram that describes the structure of a system
by showing the system's classes, their attributes, operations (or methods), and the
relationships among the classes. It explains which class contains information.
Data User
Data Owner
Login Login
View Files
Search uploaded by Data
Files()
Upload Files ()
Owners()
View Files uploaded by Data
View Uploaded Files ()
Send File Request ()
Owners()
View File Request by Users ()
VerifyFile
Send keyRequest
Sent by()data Owner ()
Approve File Request ()
View requested
Verify key Sent by
File()
data Owner ()
Cloud
DO DU
Upload File
Search Files
Request Approval
Enter Decryption key and
Verify
ACTIVITY DIAGRAM:
DO DU
SOFTWARE ENVIRONMENT Cloud
Java Technology
Upload Files ,View Search files, View View User Details ,View
Uploaded Files ,Response Searched files, View Files Owners Details, View
Request to the Users, uploaded by Data Owners, Uploaded Files on Cloud
Java technology is both a programming language and a platform.
Send File Request , Verify Server.
key Sent by data Owner,
View requested File
The Java Programming Language
The Java programming language is a high-level language that can be
characterized by all of the following buzzwords:
Simple
Architecture neutral
Object oriented
Portable
Distributed
High performance
Interpreted
Multithreaded
Robust
Dynamic
Secure
However, the Java programming language is not just for writing cute,
entertaining applets for the Web. The general-purpose, high-level Java
programming language is also a powerful software platform. Using the
generous API, you can write many types of programs.
An application is a standalone program that runs directly on the Java
platform. A special kind of application known as a server serves and
supports clients on a network. Examples of servers are Web servers, proxy
servers, mail servers, and print servers. Another specialized program is a
servlet. A servlet can almost be thought of as an applet that runs on the
server side. Java Servlets are a popular choice for building interactive web
applications, replacing the use of CGI scripts. Servlets are similar to applets
in that they are runtime extensions of applications. Instead of working in
browsers, though, servlets run within Java Web servers, configuring or
tailoring the server.
How does the API support all these kinds of programs? It does so with
packages of software components that provides a wide range of
functionality. Every full implementation of the Java platform gives you the
following features:
The essentials: Objects, strings, threads, numbers, input and output, data
structures, system properties, date and time, and so on.
Applets: The set of conventions used by applets.
Networking: URLs, TCP (Transmission Control Protocol), UDP (User
Data gram Protocol) sockets, and IP (Internet Protocol) addresses.
Internationalization: Help for writing programs that can be localized for
users worldwide. Programs can automatically adapt to specific locales
and be displayed in the appropriate language.
Security: Both low level and high level, including electronic signatures,
public and private key management, access control, and certificates.
Software components: Known as JavaBeansTM, can plug into existing
component architectures.
Object serialization: Allows lightweight persistence and communication
via Remote Method Invocation (RMI).
Java Database Connectivity (JDBCTM): Provides uniform access to a wide
range of relational databases.
The Java platform also has APIs for 2D and 3D graphics, accessibility,
servers, collaboration, telephony, speech, animation, and more. The
following figure depicts what is included in the Java 2 SDK.
How Will Java Technology Change My Life?
We can’t promise you fame, fortune, or even a job if you learn the Java
programming language. Still, it is likely to make your programs better and
requires less effort than other languages. We believe that Java technology
will help you do the following:
Get started quickly: Although the Java programming language is a
powerful object-oriented language, it’s easy to learn, especially for
programmers already familiar with C or C++.
Write less code: Comparisons of program metrics (class counts, method
counts, and so on) suggest that a program written in the Java
programming language can be four times smaller than the same
program in C++.
Write better code: The Java programming language encourages good
coding practices, and its garbage collection helps you avoid memory
leaks. Its object orientation, its JavaBeans component architecture,
and its wide-ranging, easily extendible API let you reuse other
people’s tested code and introduce fewer bugs.
Develop programs more quickly: Your development time may be as much
as twice as fast versus writing the same program in C++. Why? You
write fewer lines of code and it is a simpler programming language
than C++.
Avoid platform dependencies with 100% Pure Java: You can keep your
program portable by avoiding the use of libraries written in other
languages. The 100% Pure JavaTM Product Certification Program has a
repository of historical process manuals, white papers, brochures, and
similar materials online.
Write once, run anywhere: Because 100% Pure Java programs are
compiled into machine-independent byte codes, they run consistently
on any Java platform.
Distribute software more easily: You can upgrade applets easily from a
central server. Applets take advantage of the feature of allowing new
classes to be loaded “on the fly,” without recompiling the entire
program.
ODBC
Microsoft Open Database Connectivity (ODBC) is a standard programming
interface for application developers and database systems providers. Before
ODBC became a de facto standard for Windows programs to interface with
database systems, programmers had to use proprietary languages for each
database they wanted to connect to. Now, ODBC has made the choice of the
database system almost irrelevant from a coding perspective, which is as it should
be. Application developers have much more important things to worry about than
the syntax that is needed to port their program from one database to another when
business needs suddenly change.
Through the ODBC Administrator in Control Panel, you can specify the
particular database that is associated with a data source that an ODBC
application program is written to use. Think of an ODBC data source as a door
with a name on it. Each door will lead you to a particular database. For example,
the data source named Sales Figures might be a SQL Server database, whereas the
Accounts Payable data source could refer to an Access database. The physical
database referred to by a data source can reside anywhere on the LAN.
The ODBC system files are not installed on your system by Windows 95.
Rather, they are installed when you setup a separate database application, such as
SQL Server Client or Visual Basic 4.0. When the ODBC icon is installed in
Control Panel, it uses a file called ODBCINST.DLL. It is also possible to
administer your ODBC data sources through a stand-alone program called
ODBCADM.EXE. There is a 16-bit and a 32-bit version of this program and each
maintains a separate list of ODBC data sources.
JDBC
In an effort to set an independent database standard API for Java; Sun
Microsystems developed Java Database Connectivity, or JDBC. JDBC offers a
generic SQL database access mechanism that provides a consistent interface to a
variety of RDBMSs. This consistent interface is achieved through the use of “plug-
in” database connectivity modules, or drivers. If a database vendor wishes to have
JDBC support, he or she must provide the driver for each platform that the
database and Java run on.
To gain a wider acceptance of JDBC, Sun based JDBC’s framework on
ODBC. As you discovered earlier in this chapter, ODBC has widespread support
on a variety of platforms. Basing JDBC on ODBC will allow vendors to bring
JDBC drivers to market much faster than developing a completely new
connectivity solution.
JDBC was announced in March of 1996. It was released for a 90 day public
review that ended June 8, 1996. Because of user input, the final JDBC v1.0
specification was released soon after.
The remainder of this section will cover enough information about JDBC for you
to know what it is about and how to use it effectively. This is by no means a
complete overview of JDBC. That would fill an entire book.
JDBC Goals
Few software packages are designed without goals in mind. JDBC is one
that, because of its many goals, drove the development of the API. These goals, in
conjunction with early reviewer feedback, have finalized the JDBC class library
into a solid framework for building database applications in Java.
The goals that were set for JDBC are important. They will give you some
insight as to why certain classes and functionalities behave the way they do. The
eight design goals for JDBC are as follows:
2. SQL Conformance
SQL syntax varies as you move from database vendor to database vendor. In
an effort to support a wide variety of vendors, JDBC will allow any query
statement to be passed through it to the underlying database driver. This allows
the connectivity module to handle non-standard functionality in a manner that is
suitable for its users.
5. Keep it simple
This goal probably appears in all software design goal listings. JDBC is no
exception. Sun felt that the design of JDBC should be very simple, allowing for
only one method of completing a task per mechanism. Allowing duplicate
functionality only serves to confuse the users of the API.
Simple Architecture-neutral
Object-oriented Portable
Distributed High-performance
Interpreted multithreaded
Robust Dynamic
Secure
Java is also unusual in that each Java program is both compiled and
interpreted. With a compile you translate a Java program into an
intermediate language called Java byte codes the platform-independent
code instruction is passed and run on the computer.
Compilers My Program
You can think of Java byte codes as the machine code instructions for
the Java Virtual Machine (Java VM). Every Java interpreter, whether it’s
a Java development tool or a Web browser that can run Java applets, is an
implementation of the Java VM. The Java VM can also be implemented
in hardware.
Java byte codes help make “write once, run anywhere” possible. You
can compile your Java program into byte codes on my platform that has a
Java compiler. The byte codes can then be run any implementation of the
Java VM. For example, the same Java program can run Windows NT,
Solaris, and Macintosh.
SYSTEM TESTING
The purpose of testing is to discover errors. Testing is the process of trying
to discover every conceivable fault or weakness in a work product. It provides a
way to check the functionality of components, sub assemblies, assemblies and/or a
finished product It is the process of exercising software with the intent of ensuring
that the
Software system meets its requirements and user expectations and does not fail in
an unacceptable manner. There are various types of test. Each test type addresses a
specific testing requirement.
TYPES OF TESTS
Unit testing
Unit testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program inputs produce valid
outputs. All decision branches and internal code flow should be validated. It is the
testing of individual software units of the application .it is done after the
completion of an individual unit before integration. This is a structural testing, that
relies on knowledge of its construction and is invasive. Unit tests perform basic
tests at component level and test a specific business process, application, and/or
system configuration. Unit tests ensure that each unique path of a business process
performs accurately to the documented specifications and contains clearly defined
inputs and expected results.
Integration testing
Functional test
System Test
System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable results. An
example of system testing is the configuration oriented system integration test.
System testing is based on process descriptions and flows, emphasizing pre-driven
process links and integration points.
Unit testing is usually conducted as part of a combined code and unit test
phase of the software lifecycle, although it is not uncommon for coding and unit
testing to be conducted as two distinct phases.
Test objectives
All field entries must work properly.
Pages must be activated from the identified link.
The entry screen, messages and responses must not be delayed.
Features to be tested
Verify that the entries are of the correct format
No duplicate entries should be allowed
All links should take the user to the correct page.
Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
TEST CASES
Expected Actual
S. No Test Case Input Pass/Fail
Output Output
Check cloud Cloud
Login must
1. login username and Login success Pass
be successful
functionality password
Files from Must be Successfully
2. Store files Pass
user stored stores
Expected Actual
S. No Test Case Input Pass/Fail
Output Output
Registration
Check User Details of Registration
1. must be Pass
registration User success
successful
Check user User
Login must
2. login username and Login success Pass
be successful
functionality password
Must be
Download Secret key for Download
3. downloaded Pass
files file download success
successfully
SCREEN SHOTS:
Home Page
Data Owner Login
Data Owner Registration
OTP verification.
Received OTP.
OTP Verification.
Data Owner Home.
File Upload
File Upload Success
My Files
REFERENCES
[1] D. Boneh, G. D. Crescenzo, R. Ostrovsky, and G. Persiano, “Public key
encryption with keyword search,” in In proceedings of Eurocrypt, 2004, pp. 506–
522.
[5] C. Hu and P. Liu, “Public key encryption with ranked multikeyword search,” in
International Conference on Intelligent Networking and Collaborative Systems,
2013, pp. 109–113.
[6] Z. Fu, X. Sun, N. Linge, and L. Zhou, “Achieving effective cloud search
services: multi-keyword ranked search over encrypted cloud data supporting
synonym query,” IEEE Transactions on Consumer Electronics, vol. 60, pp. 164–
172, 2014.
[8] H. Tuo and M. Wenping, “An effective fuzzy keyword search scheme in cloud
computing,” in International Conference on Intelligent Networking and
Collaborative Systems, 2013, pp. 786–789.
[9] M. Zheng and H. Zhou, “An efficient attack on a fuzzy keyword search scheme
over encrypted data,” in International Conference on High Performance
Computing and Communications and Embedded and Ubiquitous Computing, 2013,
pp. 1647–1651.
[11] Y. Tang, D. Gu, N. Ding, and H. Lu, “Phrase search over encrypted data with
symmetric encryption scheme,” in International Conference on Distributed
Computing Systems Workshops, 2012, pp. 471–480.
[12] H. Poon and A. Miri, “An efficient conjunctive keyword and phrase search
scheme for encrypted cloud storage systems,” in IEEE International Conference on
Cloud Computing, 2015.
[13]“A low storage phrase search scheme based on bloom filters for encrypted
cloud services,” to appear in IEEE International Conference on Cyber Security and
Cloud Computing, 2015.
[14] H. S. Rhee, I. R. Jeong, J. W. Byun, and D. H. Lee, “Difference set attacks on
conjunctive keyword search schemes,” in Proceedings of the Third VLDB
International Conference on Secure Data Management, 2006, pp. 64–74.
[17] C. Wang, N. Cao, J. Li, K. Ren, and W. Lou, “Secure ranked keyword search
over encrypted cloud data,” in International Conference on Distributed Computing
Systems, 2010, pp. 253–262.
[22] E.-J. Goh, “Secure indexes,” Cryptology ePrint Archive, Report 2003/216,
2003.
[23] C. Liu, L. Zhu, L. Li, and Y. Tan, “Fuzzy keyword search on encrypted cloud
storage data with small index,” in 2011 IEEE International Conference on Cloud
Computing and Intelligence Systems, 2011, pp. 269–273.
[27] E. L. Bird, Steven and E. Klein, Natural Language Processing with Python.
O’Reilly Media Inc, 2009.