Essay Writing Service

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Course and Fine Grained Encryption Strategies

1. INTRODUCTION 1.1 PURPOSE: Current ways to deal with uphold fine-grained get to control on private information facilitated in the cloud depend on fine-grained encryption of the information. Under such methodologies, information proprietors are accountable for scrambling the information before transferring them on the cloud and re-encoding the information at whatever point client certifications or approval arrangements change. Information proprietors consequently bring about high correspondence and calculation costs. A superior approach ought to designate the authorization of fine-grained get to control to the cloud, so to limit the overhead at the information proprietors, while guaranteeing information classification from the cloud. We propose an approach, in view of two layers of encryption that locations such necessity. Under this approach, the information proprietor plays out a coarse-grained encryption, though the cloud plays out a fine-grained encryption on top of the proprietor scrambled information. A testing issue is the way to deteriorate get to control strategies (ACPs) with the end goal that the two layer encryption can be performed. This technique uses an effective gathering key administration conspire that backings expressive ACPs. This framework guarantees the classification of the information and jam the security of clients from the cloud while appointing a large portion of the get to control requirement to the cloud. 1.2 EXISTING SYSTEM: Single layer encryption (SLE) approaches Single-layer encryption (SLE) methods require the data owner to enforce access control by encrypting the data owner. However, while SLE addresses some limitations of previous approaches, it remains necessary for the data owner to enforce all ACPs by fine-grained encryption, both initially and subsequently after the users are added / revoked or the ACPs changed . All these encryption activities must be done in the owner, which implies a high cost of communication and calculation.  Disadvantages

  1. As the data owner does not keep a copy of the data, as long as user dynamics or ACPs change
  2. The data owner needs to download and decrypt the data, re-encrypt it with the new keys and upload the encrypted data. Note also that this process must be applied to all data elements encrypted with the same key. This is inefficient when the data set to be re-encrypted is large.
  3. To issue the new keys to the users, the owner of the data needs to establish private communication channels with the users.
  4. The privacy of the identity attributes of the users is not taken into account. Therefore, the cloud can learn sensitive information about users and their organization.
  5. All these encryption activities must be done in the owner, which entails high costs of communication and calculation.

1.3 PROPOSED SYSTEM: Two layer encryption (TLE) Scheme The approach is based on two layers of encryption applied to each data element uploaded to the cloud. Two-layer encryption (TLE), the data owner performs a coarse-grained encryption on the data to ensure the confidentiality of the cloud data. The cloud then performs fine-grained encryption on the encrypted data provided by the owner of the data based on the ACPs provided by the data owner.  Advantages

  1. When user policy or user dynamics change, only the external layer of encryption must be updated.
  2. Since external layer encryption is performed in the cloud, no data transmission is required between the data owner and the cloud.
  3. The data owner and the cloud service use a broadcast key management scheme by which the actual keys do not need to be distributed to the users. Instead, users are given one or more secrets that allow them to derive the actual symmetric keys to decrypt the data.

2 LITERATURE SURVEY 2.1 Above the Clouds: A Berkeley View of Cloud Computing AUTHORS:  M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica and M. Zaharia

As long as certain obstacles are overcome, we believe that Cloud Computing has the potential to transform a large part of the IT industry, making the software even more attractive as a service and shaping the way IT hardware is designed and purchased. Developers with innovative ideas for new interactive Internet services no longer require large capital expenditures on hardware to deploy their service or human expense to operate it. They do not need to worry about over-provisioning for a service whose popularity does not meet their predictions, thus wasting expensive resources, or under provision for one that becomes popular, losing potential customers and revenue. In addition, companies with large batch-based tasks can get their results as quickly as their programs can scale, since using 1000 servers for one hour costs no more than using a server for 1000 hours. This elasticity of resources, without paying a large-scale premium, is unprecedented in the history of IT. The economies of scale of large-scale datacenters combined with the use of “pay-per-use” resources have announced the emergence of Cloud Computing. It is now attractive to deploy an innovative Internet service on a third-party Internet Datacenter instead of your own infrastructure, and gracefully scale its resources as its popularity and revenue grows or decreases. Expansion and daily decline in response to normal daytime patterns could further reduce costs. Cloud Computing transfers the risks of over-provisioning or under-provisioning to the Cloud Computing provider, which mitigate that risk through statistical multiplexing over a much larger set of users and offering relatively low prices due to better utilization and the purchase economy to a Scale. We define terms, we present an economic model that quantifies the key decision of purchase vs. Pay-per-use, we offer a spectrum to rank Cloud Computing providers and give our opinion on the top 10 obstacles and opportunities for Cloud Computing growth.   2.2 Outsourcing the Decryption of ABE Ciphertexts AUTHORS: M. Green, S. Hohenberger and B. Waters Attribute-based encryption (ABE) is a new vision for public key encryption that allows users to encrypt and decrypt messages based on user attributes. For example, a user can create an encrypted text that can be decrypted only by other users with satisfactory attributes (“Faculty” or “Doctor” and “Which Completed”). Given its expressiveness, ABE is currently being considered for many storage and cloud computing applications. However, one of the main drawbacks of ABE’s efficiency is that the size of the ciphertext and the time needed to decrypt it grows with the complexity of the access formula. In this paper, we propose a new paradigm for ABE that largely eliminates this overload for users. Suppose ABE ciphertext is stored in the cloud. It shows how a user can provide the cloud with a single transformation key that allows the cloud to translate any ABE encryption satisfied by that user’s attributes into a ciphertext of size The Gamal (constant size), without the cloud being able to Read no part of the user’s messages. To accurately define and demonstrate the benefits of this approach, we offer new security definitions for both CPA and CCA replayable security with outsourcing, several new constructions, an implementation of our algorithms, and detailed performance measures. In a typical configuration, the user significantly saves both the bandwidth and the decryption time, without increasing the number of transmissions. 2.3  Attribute-Based Encryption with Verifiable Outsourced Decryption AUTHORS:  J. Lai, R. H. Deng, C. Guan and J. Weng Attribute-based encryption (ABE) is a one-to-many public key-based encryption that allows users to encrypt and decrypt data based on user attributes. A promising application of ABE is the flexible access control of encrypted data stored in the cloud, using access policies and attributed attributes associated with private keys and encrypted texts. One of the main drawbacks of the efficiency of existing ABE schemes is that decryption involves expensive pairing operations and the number of such operations grows with the complexity of the access policy. Recently, Green et al. He proposed an ABE system with externalized decryption that largely eliminates decryption overhead for users. In such a system, a user provides an untrusted server, for example a cloud service provider, with a transform key that allows the cloud to translate any ABE-encrypted text satisfied by that user’s access policy or attributes into one Simple ciphertext and only incurs a small Computational for the user to retrieve plain text from the transformed ciphertext. The security of an ABE system with externalized decryption ensures that an adversary (including a malicious cloud) will not learn anything about the encrypted message; However, it does not guarantee the correctness of the transformation performed by the cloud. In this work, we consider a new ABE requirement with externalized decryption: verifiability. Informally, verifiability ensures that a user can verify efficiently whether the transformation is done correctly. We provide a formal ABE model with externally verifiable decryption and propose a concrete scheme. We will prove that our new scheme is secure and verifiable, without relying on random oracles. Finally, we show an implementation of our scheme and the result of performance measurements, indicating a significant reduction in the IT resources imposed on users.  2.4  Decentralizing Attribute-Based Encryption AUTHORS:  A. Lewko and B. Waters We propose a system of Encryption of Attributes Based on Multiple Attributes (ABE). In our system, any part can become an authority and there is no requirement for global coordination other than the creation of an initial set of common reference parameters. A party can simply act as an ABE authority by creating a public key and issuing private keys for different users that reflect their attributes. A user can encrypt the data in terms of any Boolean formula over the attributes cast from any chosen group of authorities. Finally, our system does not require any central authority. In building our system, our biggest technical hurdle is to make collusion resistant. Earlier attribute-based encryption systems achieved resistance to collusion when the ABE system authority “bound” the different components (representing different attributes) of a user’s private key by randomly assigning the key. However, in our system each component will come from a potentially different authority, where we do not assume any coordination between such authorities. We create new techniques to join key components and avoid collusion attacks between users with different global identifiers. We will test our secure system using the recent dual-system encryption methodology where the security test works by first converting the ciphertext challenge and private keys into a semi-functional form and discussing security. We follow a recent variant of the dual system test technique due to Lewko and Waters and construct our system using compound order bilinear groups. We tested the security under static assumptions similar to the role of LW in the random model of the oracle. 2.5 Ciphertext-Policy Attribute-Based Encryption: an Expressive, Enficient, and Provably Secure Realization AUTHORS: B. Waters We present a new methodology for performing encryption of Ciphertext Policy Attributes (CP-ABE) under specific and non-interactive cryptographic hypotheses in the standard model. Our solutions allow any encrypter to specify access control in terms of any access formula on the attributes in the system. In our most efficient system, the size of encryption, encryption and decryption time vary linearly with the complexity of the access formula. The only previous work to achieve these parameters was limited to a test in
the generic group model. We present three constructions within our framework. Our first system is shown to be selectively safe under the assumption that we call the bilinear Parallel Bilateral Diffie-Hellman Exponent (PBDHE) hypothesis that can be viewed as a generalization of the BDHE assumption. Our next two constructions provide performance compensations to achieve testable security, respectively, under the decisive assumptions Bilinear-Diffie-Hellman Exponent and Bilinear Diffie-Hellman decisions.

3 ANALYSIS The analysis are conceptual models that capture an abstraction of a situation that can often be found in modeling. It can be represented as a group of related generic objects, with stereotypical attributes, behaviors and expected interactions defined in a domain-neutral form. 3.1 SOFTWARE REQUIREMENTS Java Java is a set of software and specifications developed by Sun Microsystems, which was later acquired by Oracle Corporation, which provides a system for developing application software and deploying it in a multiplatform computing environment. Java is used in a wide variety of computing platforms from embedded devices and mobile phones to enterprise servers and supercomputers. Although less common than standalone Java applications, Java applets run in sandbox and secure environments to provide many native application features and can be embedded in HTML pages. JavaScript JavaScript is a high-level, dynamic and interpreted programming language. It has been standardized in the ECMAScript language specification. Along with HTML and CSS, it is one of the three main technologies of World Wide Web content production; Most websites use it and it is compatible with all modern web browsers without add-ons. JavaScript is based on prototypes with first-class functions, making it a multi-paradigm language, supporting object-oriented, imperative, and functional programming styles. It has an API for working with text, arrays, dates, and regular expressions, but does not include any I / O, such as networks, storage, or graphics installations, depending on them in the host environment on which it is embedded.  MySQL MySQL is an open-source relational database management system. In July 2013, it was the world’s second most widely used RDBMS, and the most widely used open-source client–server model RDBMS. It is a popular choice of database for use in web applications, and is a central component of the widely used WAMPopen-source web application software stack. WAMP is an acronym for “Windows, Apache, MySQL, Perl/PHP/Python“. On all platforms except Windows, MySQL ships with no GUI tools to administer MySQL databases or manage data contained within the databases. Users may use the included command line tools, or install MySQL Workbench via a separate download. Many third party GUI tools are also available. HTML HTML is a markup language for describing web documents (web pages). HTML stands for Hyper Text Markup Language. A markup language is a set of markup tags. HTML documents are described by HTML tags. Each HTML tag describes different document content. HTML allows images and other objects to be embedded and it can be used to create interactive forms. It provides a means to create structured documents by denoting structural semantics for text such as headings, paragraphs, lists, links, quotes and other items. HTML can embed scripts written in languages such as JavaScript which affect the behavior of HTML web pages. 3.2 HARDWARE REQUIREMENTS

  • System  : Pentium IV 2.4 GHz.
  • Hard Disk        : 40 GB
  • RAM              : 1 GB

3.3 MODULES OF THE SYSTEM

  1. Admin
  2. Cloud Service Provider
  3. Data Owner
  4. User

3.3.1 Admin Admin creates cloud site, updates it and views cloud details and data owner details. 3.3.2 Cloud Service Provider Cloud Service Provider approves the status of the data owner and user and views the uploaded files of the data owner. 3.3.3 Data Owner

  • Should register first and then login.
  • Unless cloud service provider accepts the data owner and send key to the respective mail, the data owner cannot login to his account.
  • The data owner can upload & download files, views & delete the files and process the user request to download the files.

3.3.4 User

  • Should register first and then login.
  • Update and view profile.
  • View files and to download the file send request to data owner.

3.4SYSTEM STUDY: 3.4.1 Technical Feasibility Evaluating technical feasibility is the most difficult part of a feasibility study. This is because, at this time, there are not too many detailed system designs, which makes it difficult to access problems such as performance, costs (due to the type of technology to be implemented), etc. Be considered when doing a technical analysis.  Understanding different technologies involved in the proposed system:                    Before starting the project, we must be very clear about what technologies are required for the development of the new system. Find out whether the organization currently possesses the required technologies:

  • Is the required technology available with the organization?
  • If so, is the capacity sufficient?

Will the current printer be able to handle the new reports and forms required for the new system? 3.4.2 Operational Feasibility Proposed projects are beneficial only if they can become information systems that meet the operational requirements of organizations. In short, this feasibility test asks whether the system will work when it is developed and installed. Are there major obstacles to implementation? Here are some questions that will help you test the operational feasibility of a project: Is there sufficient support for the user administration project? If the current system is well liked and used to the extent that people will not be able to see the reasons for the change, there may be resistance. Are current business methods acceptable to the user? If they are not, users can welcome a change that will bring more operative and useful systems. Has the user participated in the planning and development of the project? Early participation reduces the potential for system and overall resistance and increases the likelihood of project success. Since the proposed system was to help reduce the difficulties encountered. In the existing manual system, the new system was considered viable.  3.4.3 Economic Feasibility This study is carried out to check whether the organization will have economic impact due to the system. The company can only provide limited funds for research and development so we need to utilize them in efficient way. We need to explain the expenditures we have made. Thus the developed system should be with in the budget as most of the technology is available free. Only the few products should be purchased. 4. SYSTEM DESIGN 4.1 INPUT DESIGN The link between the user and the information system is called Input Design. Understanding the development specification and procedures for data preparation and the steps are necessary to put the transaction data in a usable form for processing can be achieved by inspecting the computer to read data from a written or printed document or can occur by having People typing data directly into the system. The input design focuses on controlling the amount of input required, controlling errors, avoiding delays, avoiding additional steps and keeping the process simple. The entrance is designed in such a way that it provides security and ease of use with the retention of privacy. The input design considered the following:

  • What input data should be given?
  • How should data be organized or coded?
  • The dialogue to guide the operational staff in the provision of input.
  • Methods for preparing input validations and steps to follow when an error occurs.

OBJECTIVES

  1. The process of converting a user-oriented description of the input into a computer-based system is called input design. This design is important to avoid errors in the data entry process and to show the correct address to the administration to obtain correct information of the computerized system.
  2. It is achieved by creating easy-to-use screens for data entry to handle large volumes of data. The goal of designing the input is to facilitate data entry and be error-free. The data entry screen is designed in such a way that all manipulated data can be made. It also provides disk viewing facilities.
  3. When entering the data, validity will be checked. We can enter the data with the help of screens. Appropriate messages are provided as necessary when the user will not be in instant maize. Thus, the purpose of the input design is to create an easy-to-follow input design

5.2 OUTPUT DESIGN A quality output is one that meets the requirements of the end user and presents the information clearly. In any system, processing results are communicated to users and to another system through outputs. The output design determines how the information is to be shifted for the immediate need and also the output of the printed copy. For the user it is the most important and direct source information. In order to improve the system’s relationship for helping the user’s decision making we need efficient and intelligent output design.

  1. The design of computer production must proceed in an organized and well thought out way; The correct output must be developed and also we should ensuring that each output element is designed in  a way that people should find the system can used easily and effectively. When designing computer output design, they should identify the specific output that is needed to meet the requirements.
  2. Select methods for presenting information.
  3. Create documents, reports, or other formats that contain information produced by the system.

The output form of an information system must achieve one or more of the following objectives.

  • Transmit information on past activities of the Future, current status or projections of the
  • Point out important events, opportunities, problems or warnings.Activate an action.
  • Confirm an action.

4.3 SYSTEM ARCHITECTURE C:\Users\user\Downloads\architecture.jpg 4.4 UML CONCEPTS The Unified Modelling Language (UML) is a standard language for writing software blue prints. The UML is a language for

  • Visualizing
  • Specifying
  • Constructing
  • Documenting the artefacts of a software intensive system.

UML is a language that provides vocabulary and rules for combining words in that vocabulary for the purpose of communication. A modeling language is a language whose vocabulary and rules focus on the concessorial and physical representation of a system. Modeling produces an understanding of a system. 4.4.1 Building Blocks of the UML The vocabulary of the UML encompasses three kinds of building blocks:

  • Things
  • Relationships
  • Diagrams

Things are abstractions that are first class citizens in a model; Relations unite these things; Diagrams collect interesting collections of things. 1. Things in the UML There are four types of things in the UML:

  • Structural things
  • Behavioral things
  • Grouping things
  • Annotational things

  Structural things are the nouns of UML models. The structural things used in the project design are: First, a class is a set of objects that have the same attributes, operations, relationships and semantics.

Window
Origin Size
open() close() move() display()

Fig: Classes Second, a use case is a set of sequence of actions that a system performs which yields an particular result of value to particular actor.  Fig: Use Cases Third, a node is a physical element that will be at runtime and represents a computational resource, which generally have at least some memory and often processing capability.  Fig: Nodes Behavioral things are the dynamic parts of UML models. The behavioral thing used is: Interaction: An interaction is a behavior comprising a set of messages exchanged between a set of objects within a particular context to achieve a specific purpose. An interaction involves a series of other elements, including messages, action sequences (behavior invoked by a message and links (the connection between objects).  Fig: Messages 2. Relationships in the UML: There are four kinds of relationships in the UML:

  • Dependency
  • Association
  • Generalization
  • Realization

dependency is a semantic relationship between two things in which if you change one thing that may affect the semantics of the other thing (the dependent thing).  Fig: Dependencies An association is a structural relationship in which it describes a set links, a link being a connection among objects. Aggregation is a special kind of association, it represents a structural relationship between a whole and its parts.  Fig: Association A generalization is a specialization/ generalization relationship in which objects of the specialized element (the child) are substitutable for objects of the generalized element (the parent).  Fig: Generalization A realization is a semantic relationship between classifiers, where in one classifier specifies a contract that another classifier guarantees to carry out.  Fig: Realization 4.4.2 UML DIAGRAMS: 1. USE CASE DIAGRAM for Admin    Fig 4.4.2.1 Use Case Diagram for Admin The above diagram is Use case diagram for Admin. It shows the set of actions performed by the Admin.As described earlier, the content in the Ovals are actions performed in the system and those actors are like symbols represent users in system. Those dashed lines from user to action means user are performing those actions respectively.  .USE CASE DIAGRAM for User  Fig 4.4.2.2 Use Case Diagram for User   3. CLASS DIAGRAM  Fig 4.4.2.3 Class Diagram The above diagram represents class diagram of our system i.e., it shows various classes used in our system and the relationship with one class to other in the system. Each rectangle box represents a class and the upper portion of it represents class name and middle portion represents attributes of the class and the lower represents the functions performed by that class.     4. ACTIVITY DIAGRAM for  CSP CSPActivity.jpg Fig 4.4.2.4 Activity Diagram for CSP Activity diagrams are graphical representations of workflows of stepwise activities and actions with support for choice, iteration and concurrency. In the Unified Modeling Language, activity diagrams can be used to describe the business and operational step-by-step workflows of components in a syste. An activity diagram shows the overall flow of control.       5. SEQUENCE DIAGRAM for Admin  Fig 4.4.2.5 Sequence Diagram for Admin The above diagram show sequence diagram for Admin. It represents sequence or flow of messages in system among various objects of the system. The rectangle boxes at top represent objects that are invoked in the procedure.     6. STATE DIAGRAM for Data Owner    Fig 4.4.2.6 State Diagram for Data Owner The above diagram is State Diagram for Data Owner. State Diagram is composed of finite number of states. Each diagram usually represents objects of single class and track the different states of its objects through the system.   7 DEPLOYMENT DIAGRAM  Fig 4.4.2.7 Deployment Diagram Deployment diagrams are used to describe the static deployment view of a system. It consist of nodes and their relationships. Deployment diagrams are used for describing the hardware components where software components are deployed.                 5 IMPLEMENTATION Register.java packagemypack; importjavax.servlet.*; importjavax.servlet.http.*; import java.io.*; importjava.sql.*; importjava.text.*; importdb.MyConnection; public class Register extends HttpServlet { Connection con=null; PreparedStatementps=null; Statement st=null; ResultSetrs=null; String path=null; public void doPost(HttpServletRequestreq,HttpServletResponse res)throws ServletException,IOException { int result=0; res.setContentType(“text/html”); PrintWriter pw=res.getWriter(); String uname=req.getParameter(“uname”); System.out.println(“register name”+uname); System.out.println(“143”); try { Class.forName(“com.mysql.jdbc.Driver”); con=DriverManager.getConnection(“jdbc:mysql://localhost:3306/privacy”,”root”,””); st=con.createStatement(); ResultSetrs=st.executeQuery(“select * from registration where uname='”+uname+”‘”); if(rs.next()) { res.sendRedirect(“registration.jsp?msg=User already exist”); } else { String name=req.getParameter(“name”); String pwd=req.getParameter(“pwd”); String email=req.getParameter(“email”); String gen=req.getParameter(“gender”); String dob=req.getParameter(“dob”); String question=req.getParameter(“question”); String answer=req.getParameter(“answer”); String pno=req.getParameter(“pno”); String city=req.getParameter(“city”); String random = “Not Generated”; String status = “Pending”; ps=con.prepareStatement(“insert into registration values(?,?,?,?,?,?,?,?,?,?,?,?)”); ps.setString(1,name); ps.setString(2,uname); ps.setString(3,pwd); ps.setString(4,random); ps.setString(5,email); ps.setString(6,gen); ps.setString(7,dob); ps.setString(8,question); ps.setString(9,answer); ps.setString(10,pno); ps.setString(11,city); ps.setString(12,status); result=ps.executeUpdate(); if(result==1) { res.sendRedirect(“index.jsp?msg=Registration Success and wait for admin approval!!!”); } else { res.sendRedirect(“ereg.htm”); } } } catch (SQLException se) { se.printStackTrace(); } catch(Exception e) { e.printStackTrace(); } } public void destroy() { try { ps.close(); con.close(); } catch (Exception e) { e.printStackTrace(); } } } CreateCloud.java packagemypack; import java.io.*; importjava.sql.*; importjavax.servlet.*; importjavax.servlet.http.*; importdb.MyConnection; public class CreateCloud extends HttpServlet { PreparedStatementps= null; Connection con= null; Statement st=null; ResultSetrs=null; String path=null; public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException { String ip = request.getParameter(“cip”).trim(); String status = request.getParameter(“cstatus”).trim(); String name = request.getParameter(“cuser”).trim(); String password = request.getParameter(“cpassword”).trim(); try { Class.forName(“com.mysql.jdbc.Driver”);   con=DriverManager.getConnection(“jdbc:mysql://localhost:3306/privacy”,”root”,””); st=con.createStatement(); rs=st.executeQuery(“select * from clouddetails where USERNAME='”+name+”‘”); if(rs.next()) {   response.sendRedirect(“createcloud.jsp?msg1=Cloud already exist”); } else { java.util.Date ud1 =new java.util.Date(); java.sql.Date sd1 = new java.sql.Date(ud1.getTime()); String sql =”insert into clouddetailsvalues(?,?,?,?,?)”; ps=con.prepareStatement(sql); ps.setStri
ng(1,ip); ps.setString(2,name); ps.setString(3,password); ps.setString(4,status); ps.setDate(5,sd1); int a = ps.executeUpdate(); if (a==1) { response.sendRedirect(“createcloud.jsp?msg1=Cloud Registration Successfully Done!”); } else { response.sendRedirect(“ecreatecloud.jsp”); } } } catch (Exception e) { e.printStackTrace(); } } public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException { doGet(request, response); } } requestfile.jsp <%@page import=”java.sql.*”%> <%@ page language=”java” contentType=”text/html; charset=ISO-8859-1″ pageEncoding=”ISO-8859-1″%> <!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN” “http://www.w3.org/TR/html4/loose.dtd”> <html> <head> <meta http-equiv=”Content-Type” content=”text/html; charset=ISO-8859-1″> <title>Insert title here</title> </head> <body> <% Class.forName(“com.mysql.jdbc.Driver”); Connection con=DriverManager.getConnection(“jdbc:mysql://localhost:3306/privacy”,”root”,””); String uname = request.getParameter(“username”); String ip = request.getParameter(“ip”); String file = request.getParameter(“file”); String owner = request.getParameter(“owner”); String status= “waiting”; java.util.Date ud1 =new java.util.Date(); java.sql.Date sd1 = new java.sql.Date(ud1.getTime()); PreparedStatementps = con.prepareStatement(“insert into request values(?,?,?,?,?,?)”); ps.setString(1, uname); ps.setString(2, file); ps.setString(3, ip); ps.setDate(4, sd1); ps.setString(5, status); ps.setString(6, owner); inti = ps.executeUpdate(); if(i>0) { response.sendRedirect(“reports1.jsp?msg4=Request sent successfully”); } %> </body> </html> 6 SCREENSHOTS D:\Project\sony\screenshots\1.png Fig 6.1 Main home page This is the Main page where a user and data owner can register and admin and csp logins. D:\Project\sony\screenshots\2.png Fig 6.2 User Registration D:\Project\sony\screenshots\3.png Fig 6.3 Create Cloud This is the admin page where he can create cloud with the registered credentials in drivehq. D:\Project\sony\screenshots\4.png Fig 6.4 View Data Owner Details This is the Admin page where he can view the approved data owner details. D:\Project\sony\screenshots\6.png Fig 6.5 Login Alerts This is the Login Alerts page of Admin where he can view the list of illegal access users. D:\Project\sony\screenshots\7.png Fig 6.6 Approve Data Owners This is the CSP module where he can approve Data Owners. D:\Project\sony\screenshots\8.png Fig 6.7 Approve Users This is the CSP page where he approves Users. D:\Project\sony\screenshots\upload.png Fig 6.8 Upload file This is the data owner module where he can upload file by selecting a cloud. D:\Project\sony\screenshots\11.PNG Fig 6.9 Process User Request A Data Owner processes the request of a user for the file that has been uploaded by him. C:\Users\user\Desktop\1.PNG Fig 6.10  Password sent to the user via mail Auto generated Password mailed to the registered user with which a user can login and access the files. D:\Project\sony\screenshots\12.PNG Fig 6.11 Send Download Request This is the user module where a user sends a download request to the data owner. C:\Users\user\Desktop\Capture.PNG Fig 6.12 Secret key sent to the user via mail. With this key, a user will be able to download the file. D:\Project\sony\screenshots\13.PNG Fig 6.13 Download file The user downloads the file by entering the secret key that has been sent to him via mail by the data owner. D:\Project\sony\screenshots\14.PNG Fig 6.14 Encrypted file This is the encrypted file in cloud. 7 TESTING The purpose of the test is to find errors. Testing is the process of trying to discover every conceivable lack or weakness in a work product. Provides a way to check the functionality of components, subassemblies, assemblies, and / or a finished product. It is the process of exercising the software with the intention of ensuring that the Software system meets your requirements and user expectations and does not fail in an Unacceptable. There are several types of test. Each type of test responds to a specific test requirement.   7.1   TYPES OF TESTS UNIT TESTING Unit testing involves the design of test cases that validate that the internal logic of the program functions correctly and that program inputs produce valid outputs. All decision and internal code flow branches must be validated. It is the test of the individual software units of the application. It is done after completion of an individual unit prior to integration. It is a structural test, which is based on the knowledge of its construction and is invasive. Unit testing performs basic component-level testing and tests a specific business process, application, and / or system configuration. Unit testing ensures that each unique trajectory of a business process is performed accurately with documented specifications and contains clearly defined entries and expected results. INTEGRATION TESTING Integration testing is designed to test integrated software components to determine if they actually work as a program. The tests are event driven and are more concerned with the basic result of screens or fields. The integration tests show that although the components were individual satisfaction, as demonstrated by the successful unit test, the combination of components is correct and consistent. The integration tests are specifically oriented to expose the problems that arise from the combination of components.   FUNCTIONAL TEST Functional tests provide systematic demonstrations that proven functions are available as specified by commercial and technical requirements, system documentation, and user manuals. Functional tests focus on the following elements:

  • Valid Input               :  we must accept the valid input.
  • Invalid Input             : we must reject the invalid input.
  • Functions                  : exercise the funstions.
  • Output                      : exercise the application outputs.
  • Systems/Procedures  : invoke interfacing systems or procedure.

Requirements,key functions or special test cases are the main things that the organization and preparation of functional tests focuses on. In addition, we should consider systematic coverage related to the identification of business process flows; Data fields, predefined processes, and successive processes for testing. Additional tests are identified before the functional test is completed, and the actual value of the ongoing tests is determined. SYSTEM TEST The entire integrated software system should meet the requirements, so system testing ensures that thi criteria is acheived. To ensure known and predictable results we should test a configuration. An example of system testing is the configuration-oriented system integration test. System testing relies on descriptions and process flows, with emphasis on pre-driven process linkages and integration points. WHITE BOX TESTING White Box Testing is a test in which the software tester has knowledge of the internal operation, structure and language of the software, or at least its purpose. It is the purpose. It is used to test areas that can not be reached from a black box level.     BLACK BOX TESTING Black Box Testing is testing the software without any knowledge of the internal operation, structure or language of the module being tested. Black box testing, like most other types of tests, should be written from a definitive source document, such as a specification document or requirements, such as a specification document or requirements. It is a test in which the software under test is treated, like a black box. You can not “see” in it. The test provides inputs and responds to outputs without regard to how the software works. 7.2 UNIT TESTING: Usually, unit tests are performed as part of a combined code and a unit testing phase of the software life cycle, although it is not uncommon for coding and unit testing to be performed in two distinct phases. Test strategy and approach Field tests will be performed manually and functional tests will be written in detail. Objectives of the test • All field entries should work properly. • Identified link should activate the pages. • There should be no delay in the entry screen, messages and responses. Features to be tested • Format of the entried should be verified • Only non duplicated entries are allowed • We should get correct pages for all links.     7.3 INTEGRATION TESTING: Two or more software components integrated into a single platform. This will produce faults caused by interface defects. This is tested incrementally in integrated testing. The components or software applications are checked by integration testing. Components in a software system or – a step above – enterprise-level software applications – interact without error. Test Results: All of the test cases mentioned above passed successfully. No defects were found. 7.4 ACCEPTANCE TESTING: In user acceptance testing, the user should accept the system completely and it should be according to the user specified. It also ensures that the system meets the functional requirements. Test Results: All of the test cases mentioned above passed successfully. No defects were found.   7.5 TEST CASES 7.5.1 LOGIN FORM:

SL.No Test Case Excepted Result Test Result
1 Enter valid name and password & click on login button Software should display main window Successful
2 Enter invalid Software should not display main window successful

7.5.2 REGISTRATION  FORM:

SL.No Test Case Excepted Result Test Result
1 On clicking the Register button At first user have to fill all fields with proper data , if any Error like entering text data instead of number or entering number instead of text..is found then it gives proper message otherwise. It adds the registration details to the Database. successful

    7.5.3 USER FILE UPLOAD &  DOWNLOAD FORM:

SL.No Test Case Excepted Result Test Result
1. On  Clicking the Upload Button Upload file into  to cloud server when clicking upload button. Successful
2. Clicking the Download  button Display the next window and file will be downloaded successful
3 On clicking all files Display all files in main window successful
4 On clicking the login alert Display all data owner and user login  alerts successful
5 On clicking the view file Display all file contents successful

8. CONCLUSION Current ways to deal with implement ACPs on outsourced information utilizing particular encryption oblige associations to deal with all keys and encryptions and transfer the encoded information to the remote stockpiling. Such methodologies bring about high correspondence and calculation cost to oversee keys and encryptions at whatever point client accreditations change. In this venture, we proposed a two layer encryption based way to deal with take care of this issue by appointing however much of the get to control requirement obligations as could reasonably be expected to the cloud while limiting the data introduction hazards because of conspiring Users and cloud. A key issue in such manner is the means by which to deteriorate ACPs so that the Owner needs to deal with a base number of quality conditions while concealing the substance from the cloud. We demonstrated that the approach deterioration issue is NP-Complete and gave guess calculations. In view of the disintegrated ACPs, we proposed a novel way to deal with security saving fine-grained designated get to control to information out in the open mists. Our approach depends on a security saving characteristic based key administration plot that ensures the protection of clients while upholding quality based ACPs. 9. BIBLIOGRAPHY [1] J. Han, W. Susilo, Y. Mu and J. Yan, “Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption,” in Proc. IEEE Transactions on Parallel and Distributed Systems, 2012. [2] S. Garg, C. Gentry, S. Halevi, A. Sahai and B. Waters, “Attribute-Based Encryption for Circuits from Multilinear Maps,” in Proc. CRYPTO, pp.479-499, Springer-Verlag Berlin, Heidelberg, 2013. [3] S. Gorbunov, V. Vaikuntanathan and H. Wee, “Attribute-Based Encryption for Circuits,” in Proc. STOC, pp.545-554, ACM New York, NY, USA, 2013. [4] A. Sahai and B. Waters, “Fuzzy Identity Based Encryption,” in Proc. EUROCRYPT, pp.457-473, Springer-Verlag Berlin, Heidelberg, 2005. [5] R. Cramer and V. Shoup, ”Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack,” in Proc. SIAM Journal on Computing, vol. 33, NO. 1, pp.167-226, 2004. [6] D. Hofheinz and E. Kiltz R, ”Secure hybrid encryption from weakened key encapsulation,” in Proc. CRYPTO, pp.553-571, Springer-Verlag Berlin, Heidelberg, 2007. [7] K. Kurosawa and Y. Desmedt, ”A New Paradigm of Hybrid Encryption Scheme,” in Proc. CRYPTO, pp.426-442, Springer-Verlag Berlin, Heidelberg, 2004. [8] J. Li, X. Huang, J. Li, X. Chen and Y. Xiang, ”Securely Outsourcing Attribute-based Encryption with Checkability,” in Proc. IEEE Transactions on Parallel and Distributed Systems, 2013.



Recommendation
EssayHub’s Community of Professional Tutors & Editors
Tutoring Service, EssayHub
Professional Essay Writers for Hire
Essay Writing Service, EssayPro
Professional Custom
Professional Custom Essay Writing Services
In need of qualified essay help online or professional assistance with your research paper?
Browsing the web for a reliable custom writing service to give you a hand with college assignment?
Out of time and require quick and moreover effective support with your term paper or dissertation?