CONTENTS

1. Abstract .........................................................................................................3 2. Introduction....................................................................................................5-6 2.1. 2.2. General Introduction Pro ect !escri"tion

3. S#ste$ Anal#sis.............................................................................................%-1& 3.1. 3.2. 3.3. Ob ecti'es o( S#ste$ )ser *e+uire$ents ,ard-are And So(t-are *e+uire$ents

.. So(t-are !esi/n.............................................................................................11-3& ..1. ..2. ..3. !ata 0lo- !ia/ra$s So(t-are !escri"tion So(t-are Testin/

5. !atabase !esi/n.............................................................................................31-36 6. In"ut and Out"ut Screens...............................................................................3%-61 %. Conclusion......................................................................................................62-%& 1. 3iblio/ra"4#...................................................................................................%1-%2

ABSTRACT T4e ad'ent o( cloud co$"utin/5 data o-ners are $oti'ated to outsource t4eir co$"le6 data $ana/e$ent s#ste$s (ro$ local sites to co$$ercial "ublic cloud (or /reat (le6ibilit# and econo$ic sa'in/s. 3ut (or "rotectin/ data "ri'ac#5 sensiti'e data 4as to be encr#"ted be(ore outsourcin/5 -4ic4 obsoletes traditional data utili7ation based on "lainte6t 8e#-ord searc4. T4us5 enablin/ an encr#"ted cloud data searc4 ser'ice is o( "ara$ount i$"ortance. Considerin/ t4e lar/e nu$ber o( data users and docu$ents in cloud5 it is crucial (or t4e searc4 ser'ice to allo- $ulti-8e#-ord +uer# and "ro'ide result si$ilarit# ran8in/ to $eet t4e e((ecti'e data retrie'al need. *elated -or8s on searc4able encr#"tion (ocus on sin/le 8e#-ord searc4 or 3oolean 8e#-ord searc45 and rarel# di((erentiate t4e searc4 results. In t4is "a"er5 (or t4e (irst ti$e5 -e de(ine and sol'e t4e c4allen/in/ "roble$ o( "ri'ac#-"reser'in/ $ulti-8e#-ord ran8ed searc4 o'er encr#"ted cloud data 9:*SE;5 and establis4 a set o( strict "ri'ac# re+uire$ents (or suc4 a secure cloud data utili7ation s#ste$ to beco$e a realit#. A$on/ 'arious $ulti-8e#-ord se$antics5 -e c4oose t4e e((icient "rinci"le o( <coordinate $atc4in/=5 i.e.5 as $an# $atc4es as "ossible5 to ca"ture t4e si$ilarit# bet-een searc4 +uer# and data docu$ents5 and (urt4er use <inner "roduct si$ilarit#= to +uantitati'el# (or$ali7e suc4 "rinci"le (or si$ilarit# $easure$ent. >e (irst "ro"ose a basic :*SE sc4e$e usin/ secure inner "roduct co$"utation5 and t4en si/ni(icantl# i$"ro'e it to $eet di((erent "ri'ac# re+uire$ents in t-o le'els o( t4reat $odels. T4orou/4 anal#sis in'esti/atin/ "ri'ac# and e((icienc# /uarantees o( "ro"osed sc4e$es is /i'en5 and e6"eri$ents on t4e real--orld dataset (urt4er s4o- "ro"osed sc4e$es indeed introduce lo- o'er4ead on co$"utation and co$$unication.

Modules: I. ser'er Net-or8 c4ec8in/ !ata encr#"t Store to cloud ser'er Send decr#"ted 8e# to user

II. Cloud ser'er *etrie'e re+uest (ro$ user Searc4in/ inde6?ran8 calculation *es"onse to user

III. )ser *e+uest to cloud ser'er *etrie'e decr#"ted 8e# (ro$ ad$in @ docu$ent (ro$ cloud ser'er !ecr#"t (ile

Module Descriptions: I. Server T4e ser'er $aintain t4e (ollo-in/ "rocess5 Network Checking Initiali7in/ t4e ser'er to c4ec8 t4e net-or8 connection (ro$ cloud ser'er and user. T4e connections are success(ull#5 and t4en t4e "rocesses are e6ecuted. Data ncr!pt T4e $ain ser'er (irst encr#"ts t4e dataAs5 and t4en stored t4e cloud ser'er. Cloud ser'er is considered as <4onest-but-curious= in our $odel5 -4ic4 is consistent -it4 t4e $ost

related -or8s on searc4able encr#"tion. S"eci(icall#5 cloud ser'er acts in an <4onest= (as4ion and correctl# (ollo-s t4e desi/nated "rotocol s"eci(ication. Store to Cloud Server T4e cloud ser'er collects t4e so$e di((erent encr#"ted docu$ents. In t4is "rocess encr#"ted data to store -it4 cloud ser'er. Searc4 result s4ould be ran8ed b# cloud. T4e cloud ser'er accordin/ to so$e ran8in/ criteria. Send Decr!pted "e! to #ser T4e $ain ser'er encr#"ts t4e so$e docu$ents. It used b# t4e so$e encr#"tions 8e#s. 0inall# t4e users searc4 t4e docu$ent (ro$ t4e cloud ser'er. II. Cloud Server T4e cloud ser'er $aintain t4e "rocess5 Retrieve re$uest %ro& user T4e an#one user -ants to re+uest t4e data and t4en ser'er able to send t4e user re+uest. T4e retrie'e t4e data (ro$ ser'er to user. Searching inde'(rank calculation On t4e one 4and5 to $eet t4e e((ecti'e data retrie'al need5 lar/e a$ount o( docu$ents de$and cloud ser'er to "er(or$ result rele'ance ran8in/5 instead o( returnin/ undi((erentiated result. *an8ed searc4 can also ele/antl# eli$inate unnecessar# net-or8 tra((ic b# sendin/ bac8 onl# t4e $ost rele'ant data. Response to user T4e ser'er res"onse to users re+uest -it4 t4e ran8 and inde6 esti$ation -4ile searc4 a docu$ent in cloud. III. #ser T4e user $aintain t4e (ollo-in/ "rocess5 Re$uest to cloud server

T4e client re+uest (or our needs send to cloud ser'er. S"eci(icall#5 cloud ser'er acts in an <4onest= (as4ion and correctl# (ollo-s t4e desi/nated "rotocol s"eci(ication. *etrie'e decr#"ted 8e# (ro$ ad$in @ docu$ent (ro$ cloud ser'er All encr#"ted 8e# data to send to ad$in o( t4e cloud ser'er5 t4e ad$in to ta8e t4e encr#"ted data. T4en all t4e data to store in cloud ser'er. Decr!pt %ile T4e tri'ial solution o( do-nloadin/ all t4e data and decr#"tin/ locall# is clearl# i$"ractical5 due to t4e 4u/e a$ount o( band-idt4 cost in cloud scale s#ste$s. T4e access control $ec4anis$ is e$"lo#ed to $ana/e decr#"tion ca"abilities /i'en to users.

INTR)D#CTI)N Cloud co$"utin/ is t4e lon/ drea$ed 'ision o( co$"utin/ as a utilit#5 -4ere cloud custo$ers can re$otel# store t4eir data into t4e cloud so as to en o# t4e on-de$and 4i/4 +ualit# a""lications and ser'ices (ro$ a s4ared "ool o( con(i/urable co$"utin/ resources. Its /reat (le6ibilit# and econo$ic sa'in/s are $oti'atin/ bot4 indi'iduals and enter"rises to outsource t4eir local co$"le6 data $ana/e$ent s#ste$ into t4e cloud5 es"eciall# -4en t4e data "roduced b# t4e$ t4at need to be stored and utili7ed is ra"idl# increasin/. To "rotect data "ri'ac# and co$bat unsolicited accesses in cloud and be#ond5 sensiti'e data5 e./.5 e$ails5 "ersonal 4ealt4 records5 "4oto albu$s5 ta6 docu$ents5 (inancial transactions5 etc.5 $a# 4a'e to be encr#"ted b# data o-ners be(ore outsourcin/ to co$$ercial "ublic cloudB t4is5 4o-e'er5 obsoletes t4e traditional data utili7ation ser'ice based on "lainte6t 8e#-ord searc4. T4e tri'ial solution o( do-nloadin/ all t4e data and decr#"tin/ locall# is clearl# i$"ractical5 due to t4e 4u/e a$ount o( band-idt4 cost in cloud scale s#ste$s. :oreo'er5 aside (ro$ eli$inatin/ t4e local stora/e $ana/e$ent5 storin/ data into t4e cloud ser'es no "ur"ose unless t4e# can be easil# searc4ed and utili7ed. T4us5 e6"lorin/ "ri'ac#-"reser'in/ and e((ecti'e searc4 ser'ice o'er encr#"ted cloud data is o( "ara$ount i$"ortance. Considerin/ t4e "otentiall# lar/e nu$ber o( on de$and data users and 4u/e a$ount o( outsourced data docu$ents in cloud5 t4is "roble$ is "articularl# c4allen/in/ as it is e6tre$el# di((icult to $eet also t4e re+uire$ents o( "er(or$ance5 s#ste$ usabilit# and scalabilit#. On t4e one 4and5 to $eet t4e e((ecti'e data retrie'al need5 lar/e a$ount o( docu$ents de$and cloud ser'er to "er(or$ result rele'ance ran8in/5 instead o( returnin/ un di((erentiated result. Suc4 ran8ed searc4 s#ste$ enables data users to (ind t4e $ost rele'ant in(or$ation +uic8l#5 rat4er t4an burdenso$el# sortin/ t4rou/4 e'er# $atc4 in t4e content collection. *an8ed searc4 can also ele/antl# eli$inate unnecessar# net-or8

tra((ic b# sendin/ bac8 onl# t4e $ost rele'ant data5 -4ic4 is 4i/4l# desirable in t4e <"a#-as-#ou use= cloud "aradi/$. 0or "ri'ac# "rotection5 suc4 ran8in/ o"eration5 4o-e'er5 s4ould not lea8 an# 8e#-ord related in(or$ation. On t4e ot4er 4and5 to i$"ro'e searc4 result accurac# as -ell as en4ance user searc4in/ e6"erience5 it is also crucial (or suc4 ran8in/ s#ste$ to su""ort $ulti"le 8e#-ords searc45 as sin/le 8e#-ord searc4 o(ten #ields (ar too coarse result. As a co$$on "ractice indicated b# toda#As -eb searc4 en/ines 9e./.5 Goo/le searc4;5 data users $a# tend to "ro'ide a set o( 8e#-ords instead o( onl# one as t4e indicator o( t4eir searc4 interest to retrie'e t4e $ost rele'ant data. And eac4 8e#-ord in t4e searc4 re+uest is able to 4el" narro- do-n t4e searc4 result (urt4er. <Coordinate $atc4in/=5 i.e.5 as $an# $atc4es as "ossible5 is an e((icient "rinci"le a$on/ suc4 $ulti-8e#-ord se$antics to re(ine t4e result rele'ance5 and 4as been -idel# used in t4e "lainte6t in(or$ation retrie'al 9I*; co$$unit#. ,o-e'er5 4oto a""l# it in t4e encr#"ted cloud data searc4 s#ste$ re$ains a 'er# c4allen/in/ tas8 because o( in4erent securit# and "ri'ac# obstacles5 includin/ 'arious strict re+uire$ents li8e data "ri'ac#5 inde6 "ri'ac#5 8e#-ord "ri'ac#5 and $an# ot4ers 9see section III-3;. In t4e literature5 searc4able encr#"tion is a 4el"(ul tec4ni+ue t4at treats encr#"ted data as docu$ents and allo-s a user to securel# searc4 o'er it t4rou/4 sin/le 8e#-ord and retrie'e docu$ents o( interest. ,o-e'er5 direct a""lication o( t4ese a""roac4es to de"lo# secure lar/e scale cloud data utili7ation s#ste$ -ould not be necessaril# suitable5 as t4e# are de'elo"ed as cr#"to "ri$iti'es and cannot acco$$odate suc4 4i/4 ser'ice-le'el re+uire$ents li8e s#ste$ usabilit#5 user searc4in/ e6"erience5 and eas# in(or$ation disco'er# in $ind. Alt4ou/4 so$e recent desi/ns 4a'e been "ro"osed to su""ort 3oolean 8e#-ord searc4 as an atte$"t to enric4 t4e searc4 (le6ibilit#5 t4e# are still not ade+uate to "ro'ide users -it4 acce"table result ran8in/ (unctionalit# 9see section CI;. Our earl# -or8 4as been

a-are o( t4is "roble$5 and sol'es t4e secure ran8ed searc4 o'er encr#"ted data -it4 su""ort o( onl# sin/le 8e#-ord +uer#. 3ut 4o- to desi/n an e((icient encr#"ted data searc4 $ec4anis$ t4at su""orts $ulti 8e#-ord se$antics -it4out "ri'ac# breac4es still re$ains a c4allen/in/ o"en "roble$. In t4is "a"er5 (or t4e (irst ti$e5 -e de(ine and sol'e t4e "roble$ o( $ulti-8e#-ord ran8ed searc4 o'er encr#"ted cloud data 9:*SE; -4ile "reser'in/ strict s#ste$--ise "ri'ac# in cloud co$"utin/ "aradi/$. A$on/ 'arious $ulti-8e#-ord se$antics5 -e c4oose t4e e((icient "rinci"le o( <coordinate $atc4in/=5 i.e.5 as $an# $atc4es as "ossible5 to ca"ture t4e si$ilarit# bet-een searc4 +uer# and data docu$ents. S"eci(icall#5 -e use <inner "roduct si$ilarit#=5 i.e.5 t4e nu$ber o( +uer# 8e#-ords a""earin/ in a docu$ent5 to +uantitati'el# e'aluate t4e si$ilarit# o( t4at docu$ent to t4e searc4 +uer# in <coordinate $atc4in/= "rinci"le. !urin/ inde6 construction5 eac4 docu$ent is associated -it4 a binar# 'ector as a sub inde6 -4ere eac4 bit re"resents -4et4er corres"ondin/ 8e#-ord is contained in t4e docu$ent. T4e searc4 +uer# is also described as a binar# 'ector -4ere eac4 bit $eans -4et4er corres"ondin/ 8e#-ord a""ears in t4is searc4 re+uest5 so t4e si$ilarit# could be e6actl# $easured b# inner "roduct o( +uer# 'ector -it4 data 'ector. ,o-e'er5 directl# outsourcin/ data 'ector or +uer# 'ector -ill 'iolate inde6 "ri'ac# or searc4 "ri'ac#. To $eet t4e c4allen/e o( su""ortin/ suc4 $ulti 8e#-ord se$antic -it4out "ri'ac# breac4es5 -e "ro"ose a basic :*SE sc4e$e usin/ secure inner "roduct co$"utation5 -4ic4 is ada"ted (ro$ a secure 8-nearest nei/4bor tec4ni+ue5 and t4en i$"ro'e it ste" b# ste" to ac4ie'e 'arious "ri'ac# re+uire$ents in t-o le'els o( t4reat $odels. Our contributions are su$$ari7ed as (ollo-s5

1; 0or t4e (irst ti$e5 -e e6"lore t4e "roble$ o( $ulti 8e#-ord ran8ed searc4 o'er encr#"ted cloud data5 and establis4 a set o( strict "ri'ac# re+uire$ents (or suc4 a secure cloud data utili7ation s#ste$ to beco$e a realit#. 2; >e "ro"ose t-o :*SE sc4e$es (ollo-in/ t4e "rinci"le o( <coordinate $atc4in/= -4ile $eetin/ di((erent "ri'ac# re+uire$ents in t-o le'els o( t4reat $odels. 3; T4orou/4 anal#sis in'esti/atin/ "ri'ac# and e((icienc# /uarantees o( "ro"osed sc4e$es is /i'en5 and e6"eri$ents on t4e real--orld dataset (urt4er s4o- "ro"osed sc4e$es indeed introduce lo- o'er4ead on co$"utation and co$$unication. T4e re$ainder o( t4is "a"er is or/ani7ed as (ollo-s. In Section II5 -e introduce t4e s#ste$ and t4reat $odel5 our desi/n /oals5 and "reli$inar#. Section III describes :*SE (ra$e-or8 and "ri'ac# re+uire$ents5 (ollo-ed b# section IC5 -4ic4 /i'es our sc4e$es ac4ie'in/ e((icienc# and "ri'ac# re+uire$ents. A. S!ste& Model !ata o-ner 4as a collection o( data docu$ents 0 to be outsourced to cloud ser'er in t4e encr#"ted (or$ C. To enable t4e searc4in/ ca"abilit# o'er C (or e((ecti'e data utili7ation5 data o-ner5 be(ore outsourcin/5 -ill (irst build an encr#"ted searc4able inde6 I (ro$ 05 and t4en outsource bot4 t4e inde6 I and t4e encr#"ted docu$ent collection C to cloud ser'er. To searc4 t4e docu$ent collection (or t-o /i'en 8e#-ords5 an aut4ori7ed user ac+uires a corres"ondin/ tra"door T t4rou/4 searc4 control $ec4anis$s5 e./.5 broadcast encr#"tion. )"on recei'in/ T (ro$ data users5 cloud ser'er is res"onsible to searc4 t4e inde6 I and return t4e corres"ondin/ set o( encr#"ted docu$ents. To i$"ro'e docu$ent retrie'al accurac#5 searc4 result s4ould be ran8ed b# cloud ser'er accordin/ to so$e ran8in/ criteria 9e./.5 coordinate $atc4in/5 as -ill be introduced s4ortl#;. :oreo'er5 to reduce co$$unication cost5 data user $a# send an o"tional nu$ber 8 alon/ -it4 t4e tra"door T so t4at cloud ser'er onl# sends bac8 to"-8 docu$ents t4at are

$ost rele'ant to t4e searc4 +uer#. 0inall#5 t4e access control $ec4anis$ is e$"lo#ed to $ana/e decr#"tion ca"abilities /i'en to users.

B. Threat Model Cloud ser'er is considered as <4onest-but-curious= in our $odel5 -4ic4 is consistent -it4 t4e $ost related -or8s on searc4able encr#"tion. S"eci(icall#5 cloud ser'er acts in an <4onest= (as4ion and correctl# (ollo-s t4e desi/nated "rotocol s"eci(ication. ,o-e'er5 it is <curious= to in(er and anal#7e data 9includin/ inde6; in its stora/e and $essa/e (lo-s recei'ed durin/ t4e "rotocol so as to learn additional in(or$ation. 3ased on -4at in(or$ation cloud ser'er 8no-s5 -e consider t-o le'els o( t4reat $odels as (ollo-s. Dno-n Ci"4er te6t :odel In t4is $odel5 cloud ser'er is su""osed to onl# 8noencr#"ted dataset C and searc4able inde6 I5 bot4 o( -4ic4 are outsourced (ro$ data o-ner. Dno-n 3ac8/round :odel In t4is stron/er $odel5 cloud ser'er is su""osed to "ossess so$e bac8/rounds on t4e dataset5 suc4 as t4e sub ect and its related statistical in(or$ation5 in addition to -4at can be accessed in 8no-n ci"4er te6t $odel. As an instance o( "ossible attac8s in t4is case5 cloud ser'er could utili7e docu$ent (re+uenc# or 8e#-ord (re+uenc# to identi(# 8e#-ords in t4e +uer#. C. Design *oals To enable ran8ed searc4 (or e((ecti'e utili7ation o( outsourced cloud data under t4e a(ore$entioned $odel5 our s#ste$ desi/n s4ould si$ultaneousl# ac4ie'e securit# and "er(or$ance /uarantees as (ollo-s. :ulti-8e#-ord *an8ed Searc4E To desi/n searc4 sc4e$es -4ic4 allo- $ulti-8e#-ord +uer# and "ro'ide result si$ilarit# ran8in/ (or e((ecti'e data retrie'al5 instead o( returnin/ undi((erentiated results. Pri'ac#-Preser'in/E To "re'ent cloud ser'er (ro$ learnin/ additional in(or$ation (ro$ dataset and inde65 and to $eet "ri'ac# re+uire$ents s"eci(ied in section III-3. E((icienc#E Abo'e /oals on

(unctionalit# and "ri'ac# s4ould be ac4ie'ed -it4 lo- co$$unication and co$"utation o'er4ead.

T4e encr#"tion is a 4el"(ul tec4ni+ue t4at treats encr#"ted data as docu$ents and allo-s a user to securel# searc4 o'er it t4rou/4 sin/le 8e#-ord and retrie'e docu$ents o( interest. T4e direct a""lication o( t4ese a""roac4es to de"lo# secure lar/e scale cloud data utili7ation s#ste$ -ould not be necessaril# suitable5 as t4e# are de'elo"ed as cr#"to "ri$iti'es and cannot acco$$odate suc4 4i/4 ser'ice-le'el re+uire$ents li8e s#ste$ usabilit#5 user searc4in/ e6"erience5 and eas# in(or$ation disco'er# in $ind. Disadvantage: Far/e scale cloud utili7ation /ets less securit# Ser'ice le'el is not ell (or users

In t4is "ro ect5 de(ine and sol'e t4e "roble$ o( $ulti-8e#-ord ran8ed searc4 o'er encr#"ted cloud data 9:*SE; -4ile "reser'in/ strict s#ste$--ise "ri'ac# in cloud co$"utin/ "aradi/$. A$on/ 'arious $ulti-8e#-ord se$antics5 -e c4oose t4e e((icient "rinci"le o( <coordinate $atc4in/=5 it $an# $atc4es as "ossible5 to ca"ture t4e si$ilarit# bet-een searc4 +uer# and data docu$ents. S"eci(icall#5 -e use <inner "roduct si$ilarit#=5 t4e nu$ber o( +uer# 8e#-ords a""earin/ in a docu$ent5 to +uantitati'el# e'aluate t4e si$ilarit# o( t4at docu$ent to t4e searc4 +uer# in <coordinate $atc4in/= "rinci"le. To i$"ro'e 'arious "ri'ac# re+uire$ents in t-o le'els o( t4reat $odels. T4e (irst ti$e5 -e e6"lore t4e "roble$ o( $ulti 8e#-ord ran8ed searc4 o'er encr#"ted cloud data5 and establis4 a set o( strict "ri'ac# re+uire$ents (or suc4 a secure cloud data utili7ation s#ste$ to beco$e a realit#. T4e "ro"ose t-o :*SE sc4e$es (ollo-in/ t4e "rinci"le o(

<coordinate $atc4in/= -4ile $eetin/ di((erent "ri'ac# re+uire$ents in t-o le'els o( t4reat $odels. T4orou/4 anal#sis in'esti/atin/ "ri'ac# and e((icienc# /uarantees o( "ro"osed sc4e$es is /i'en5 and e6"eri$ents on t4e real--orld dataset (urt4er s4o"ro"osed sc4e$es indeed introduce lo- o'er4ead on co$"utation and co$$unication. Advantage: :ulti 8e# -ord ran8in/ (or secure t4e cloud data Searc4in/ on t4e encr#"ted data -ill /i'e an e6"ected data

Modules: I. ser'er Net-or8 c4ec8in/ !ata encr#"t Store to cloud ser'er Send decr#"ted 8e# to user

II. Cloud ser'er *etrie'e re+uest (ro$ user Searc4in/ inde6?ran8 calculation *es"onse to user

III. )ser *e+uest to cloud ser'er *etrie'e decr#"ted 8e# (ro$ ad$in @ docu$ent (ro$ cloud ser'er !ecr#"t (ile

Module Descriptions: I. Server T4e ser'er $aintain t4e (ollo-in/ "rocess5

Network Checking Initiali7in/ t4e ser'er to c4ec8 t4e net-or8 connection (ro$ cloud ser'er and user. T4e connections are success(ull#5 and t4en t4e "rocesses are e6ecuted. Data ncr!pt T4e $ain ser'er (irst encr#"ts t4e dataAs5 and t4en stored t4e cloud ser'er. Cloud ser'er is considered as <4onest-but-curious= in our $odel5 -4ic4 is consistent -it4 t4e $ost related -or8s on searc4able encr#"tion. S"eci(icall#5 cloud ser'er acts in an <4onest= (as4ion and correctl# (ollo-s t4e desi/nated "rotocol s"eci(ication. Store to Cloud Server T4e cloud ser'er collects t4e so$e di((erent encr#"ted docu$ents. In t4is "rocess encr#"ted data to store -it4 cloud ser'er. Searc4 result s4ould be ran8ed b# cloud. T4e cloud ser'er accordin/ to so$e ran8in/ criteria. Send Decr!pted "e! to #ser T4e $ain ser'er encr#"ts t4e so$e docu$ents. It used b# t4e so$e encr#"tions 8e#s. 0inall# t4e users searc4 t4e docu$ent (ro$ t4e cloud ser'er. II. Cloud Server T4e cloud ser'er $aintain t4e "rocess5 Retrieve re$uest %ro& user T4e an#one user -ants to re+uest t4e data and t4en ser'er able to send t4e user re+uest. T4e retrie'e t4e data (ro$ ser'er to user. Searching inde'(rank calculation On t4e one 4and5 to $eet t4e e((ecti'e data retrie'al need5 lar/e a$ount o( docu$ents de$and cloud ser'er to "er(or$ result rele'ance ran8in/5 instead o( returnin/ undi((erentiated result. *an8ed searc4 can also ele/antl# eli$inate unnecessar# net-or8 tra((ic b# sendin/ bac8 onl# t4e $ost rele'ant data.

Response to user T4e ser'er res"onse to users re+uest -it4 t4e ran8 and inde6 esti$ation -4ile searc4 a docu$ent in cloud. III. #ser T4e user $aintain t4e (ollo-in/ "rocess5 Re$uest to cloud server T4e client re+uest (or our needs send to cloud ser'er. S"eci(icall#5 cloud ser'er acts in an <4onest= (as4ion and correctl# (ollo-s t4e desi/nated "rotocol s"eci(ication. *etrie'e decr#"ted 8e# (ro$ ad$in @ docu$ent (ro$ cloud ser'er All encr#"ted 8e# data to send to ad$in o( t4e cloud ser'er5 t4e ad$in to ta8e t4e encr#"ted data. T4en all t4e data to store in cloud ser'er. Decr!pt %ile T4e tri'ial solution o( do-nloadin/ all t4e data and decr#"tin/ locall# is clearl# i$"ractical5 due to t4e 4u/e a$ount o( band-idt4 cost in cloud scale s#ste$s. T4e access control $ec4anis$ is e$"lo#ed to $ana/e decr#"tion ca"abilities /i'en to users.

+ARD,AR - S).T,AR S/ CI.ICATI)NS

0.1 +ARD,AR R 2#IR M NTS:

Processor Processor S"eed *A: ,ard !is8

E E E E

Intel P-IC s#ste$ 25&:,7 to 133:,7 512:3 *A: .&G3

0.3 S).T,AR R 2#IR M NTS:

O"eratin/ S#ste$ !atabase Ser'er side tec4nolo/# Ser'er side scri"tin/ Client side scri"tin/ >eb-Ser'er E

>indo-s GP S+l Ser'er E ASP.Net ASP ,T:F IIS

E E E

So%tware Description: ,indows 4/: >indo-s GP is a line o( "ro"rietar# o"eratin/ s#ste$s de'elo"ed b# :icroso(t (or use on /eneral-"ur"ose co$"uter s#ste$s5 includin/ 4o$e and business des8to"s5 noteboo8 co$"uters5 and $edia centers. T4e letters HGPH stand (or e6"erience. T4e o"eratin/ s#ste$ >indo-s GP is t4e successor to t4e o"eratin/ s#ste$s >indo-s 2&&& and >indo-s :E and is t4e (irst consu$er-oriented o"eratin/ s#ste$ "roduced b# :icroso(t to be built on t4e >indo-s NT 8ernel and arc4itecture. >indo-s GP -as (irst released on October 255 2&&15 and o'er .&& $illion co"ies are in use5 accordin/ to a Ianuar# 2&&6 esti$ate b# an I!C anal#st. It is succeeded b# >indo-s Cista5 -4ic4 -as released to 'olu$e license custo$ers on No'e$ber 15 2&&6 and -orld-ide to t4e /eneral "ublic on Ianuar# 3&5 2&&%. T4e $ost co$$on editions o( t4e o"eratin/ s#ste$ are >indo-s GP ,o$e Edition5 -4ic4 is tar/eted at 4o$e users5 and >indo-s GP Pro(essional5 -4ic4 4as additional (eatures suc4 as su""ort (or >indo-s Ser'er do$ains and dual "rocessors and is tar/eted at "o-er users and business clients. >indo-s GP :edia Center Edition 4as additional $ulti$edia (eatures en4ancin/ t4e abilit# to record and -atc4 TC s4o-s5 'ie- !C! $o'ies5 and listen to $usic. >indo-s GP Tablet PC Edition is desi/ned to run t4e in8-a-are Tablet PC "lat(or$. T-o se"arate 6.-bit 'ersions o( >indo-s GP -ere also released5 >indo-s GP 6.-bit Edition (or IA-6. 9Itaniu$; "rocessors and >indo-s GP Pro(essional 66. Edition (or 616-6. "rocessors. >indo-s GP is 8no-n (or its i$"ro'ed stabilit# and e((icienc# o'er "re'ious 'ersions o( :icroso(t >indo-s. It "resents a si/ni(icantl# redesi/ned /ra"4ical user inter(ace5 a

c4an/e :icroso(t "ro$oted as $ore user-(riendl# t4an "re'ious 'ersions o( >indo-s. Ne- so(t-are $ana/e$ent ca"abilities -ere introduced to a'oid t4e H!FF 4ellH t4at "la/ued older consu$er 'ersions o( >indo-s. It is also t4e (irst 'ersion o( >indo-s to use "roduct acti'ation to co$bat so(t-are "irac#5 a restriction t4at did not sit -ell -it4 so$e users and "ri'ac# ad'ocates. >indo-s GP 4as also been critici7ed b# so$e users (or securit# 'ulnerabilities5 ti/4t inte/ration o( a""lications suc4 as Internet E6"lorer and >indo-s :edia Pla#er5 and (or as"ects o( its user inter(ace. >indo-s GP 4ad been in de'elo"$ent since earl# 12225 -4en :icroso(t started -or8in/ on >indo-s Ne"tune5 an o"eratin/ s#ste$ intended to be t4e H,o$e EditionH e+ui'alent to >indo-s 2&&& Pro(essional. It -as e'entuall# cancelled and beca$e >4istler5 -4ic4 later beca$e >indo-s GP. :an# ideas (ro$ Ne"tune and Od#sse# 9anot4er cancelled >indo-s 'ersion; -ere used in >indo-s GP T4e ne- 'ersion o( >indo-s re"resents an i$"ortant c4an/e (ro$ t4e "re'ious 'ersions. Since >indo-s 25 -as released t4e successi'e 'ersions 4ad onl# been an e'olution (ro$ t4e ori/inal5 ne'ert4eless on t4is occasion a $ore i$"ortant c4an/e -as "roduced because t4e 'er# center or "ernel o% the operating s!ste& has 5een changed. Alt4ou/4 it $a# see$ to t4e user t4at no radical c4an/es -ere $ade5 it could be said t4at >indo-s GP is not ust anot4er 'ersion o( >indo-s but "racticall# a -4ole ne- s#ste$. )ntil no- :icroso(t 4ad t-o di((erent o"eratin/ s#ste$s5 >indo-s 21 (or "ersonal or do$estic use and >indo-s NT?2&&& (or t4e business and "ro(essional en'iron$ent. >it4 >indo-s GP a con'er/ence a$on/ bot4 'ersions is "roduced. T4e center o( t4e o"eratin/ s#ste$ >indo-s 2&&& -as di'ided to create >indo-s GP5 and so$e ad ust$ents -ere done to di((erentiate >indo-s GP +o&e dition and >indo-s GP

/ro%essional Edition. T4e $ain bene(it o( t4is strate/# (or t4e do$estic users is /oin/ to

be

t4at

,indows

4/

has

ac$uired

the

sturdiness

and

sta5ilit!

o(

>indo-s.NET?2&&&5 -4ic4 s4ould i$"l# t4at >indo-s GP -ill cras4 (e-er ti$es5 and t4at t4ere -ill be (e-er occasions -4en -e 4a'e to restart t4e s#ste$ as a result o( an error. T4e i$"ro'e$ent (or "ro(essional users is t4at ,indows 4/ has greater co&pati5ilit! with the hardware t4an >indo-s NT ? 2&&&. >indo-s GP 4as a ne- user s#ste$ co$"letel# di((erent (ro$ >indo-s 21. T4is ne- s#ste$ 4as been in4erited (ro$ >indo-s NT ? 2&&&. No- 'arious users -it4 inde"endent "ro(iles can be de(ined. T4is $eans t4at eac4 user can 4a'e di((erent "er$issions t4at -ill allo- 4i$ to carr# out certain tas8s. Eac4 user -ill 4a'e a di((erent start $enu and its o-n $# docu$ents (older t4at -ill be able to be "rotected b# "ass-ord. T4ere is also a (older to -4ic4 all t4e users 4a'e access -4ere t4e docu$ents t4at -ant to be s4ared -it4 ot4er users can be "laced. To u$" (ro$ one userJs account to anot4er is not necessar# to turn o(( t4e co$"uter nor t4at a user closes -4at 4e -as doin/5 one $ust si$"l# initiate a ne- session -it4 anot4er user and later itJs "ossible to /o bac8 to t4e ot4er session -4ic4 -ill re$ain in t4e sa$e state it -as le(t. T4e s#ste$ 4andles t4e di((erent acti'e users -it4out inter(erences. Microso%t 6isual Studio :icroso(t Cisual Studio is :icroso(tAs (la/s4i" so(t-are de'elo"$ent "roduct (or co$"uter "ro/ra$$ers. It centers on an inte/rated distribution en'iron$ent -4ic4 4as "ro/ra$$ers create stand alone5 and -eb ser'ices t4at run on an# "lat(or$s su""orted b# :icroso(tAs .Net 0ra$e-or8 9(or all 'ersions a(ter 6;. Su""orted "lat(or$s include :icroso(t -indo-s5 ser'ers and -or8stations5 Poc8et PC5 S$art P4ones and >orld >ide >eb bro-sers not t4e Ia'a Cirtual :ac4ine t4at all ot4er a'a tools tar/et. 6IS#A7 ST#DI) 3889

T4e $ost i$"ortant lan/ua/e added in t4is 'ersion -as t4e introduction o( /enerics5 -4ic4 are si$ilar in $an# as"ects to CKK te$"lates. T4is "otentiall# increases t4e nu$ber o( bu/s cau/4t at co$"ile- ti$e instead o( run- ti$e b# encoura/in/ t4e use o( strict t#"e c4ec8in/ in areas -4ere it -as not "ossible be(ore5 CKK also /ot a si$ilar u"/rade -it4 t4e addition o( CKK?CFI -4ic4 is slated to re"lace t4e use o( :ana/ed CK K. Ot4er ne- (eatures o( Cisual Studio 2&&5 include t4e <!e'elo"$ent !esi/ner= -4ic4 allo-s a""lication desi/ns to be 'alidated be(ore de"lo#$ents5 an i$"ro'ed en'iron$ent (or -eb "ublis4in/ -4en co$bined -it4 ASP.NET 2.& and load testin/ to see a""lication "er(or$ance under 'arious sorts o( user loads. Cisual Studio 2&&5 also added e6tensi'e 6.- bit su""ort. >4ile t4e de'elo"$ent en'iron$ent itsel( onl# a'ailable as a 32- bit a""lication5 'isual CKK 2&&5 su""orts co$"ilin/ (or 966.A:!6. and E:6.T; as -ell as IA- 6. 9Itaniu$;. T4e "lat(or$s S!D include 6.- bit and 6.-bit 'ersions o( t4e libraries. Net .ra&ework SD" T4e .NET (ra$e-or8 is an inte/ral -indo-s co$"onent t4at su""orts buildin/ and runnin/ t4e ne6t /eneration o( a""lications and G:F -eb ser'ices. T4e 8e# co$"onent o( t4e .NET (ra$e -or8 are t4e co$$on lan/ua/e run ti$e and t4e . NET (ra$e -or8 class librar#5 -4ic4 includes A!O.NET5 ASP.NET and -indo-s (or$s. T4e .NET (ra$e-or8 "ro'ides a $ana/ed e6ecution en'iron$ent si$"li(ied de'elo"$ent and de"lo#$ent and inte/ration -it4 a -ide 'ariet# o( "ro/ra$$in/ lan/ua/es. T4is (ra$e-or8 is $ade u" o( t4e (ollo-in/ "artsE T4e co$$on lan/ua/e runti$e9CF*; T4e base class libraries. Ob ect oriented internet de'elo"$ent -it4 ASP.NET *ic4 client user inter(ace usin/ -indo-s (or$s

*A! (or t4e internet usin/ -eb (or$s

)verview o% the .Net .ra&e ,ork: T4e .NET (ra$e-or8 is a ne- co$"utin/ "lat(or$ t4at si$"li(ies a""lication de'elo"$ent in t4e 4i/4l# distributed en'iron$ent o( t4e internet. T4e .NET (ra$e-or8 is desi/ned to (ul(ill (ollo-in/ ob ecti'esE To "ro'ide a consistent ob ect oriented "ro/ra$$in/ en'iron$ent -4et4er ob ect code is stored and e6ecuted locall# but internet- distributed or e6ecuted re$otel#. To "ro'ide a code e6ecution en'iron$ent t4at $ini$i7es so(t-are de"lo#$ent and 'ersionin/ con(licts. To "ro'ide a code e6ecution en'iron$ent t4at /uarantees sa(e e6ecution o( code5 includin/ code created b# an un8no-n or se$i trusted t4ird "art#. To "ro'ide a code e6ecution en'iron$ent t4at eli$inates t4e "er(or$ance "roble$ o( scri"ted or inter"reted en'iron$ents. To $a8e t4e de'elo"er e6"erience consistent across -idel# t#"es o( a""lication5 suc4 as -indo-s based a""lications and -eb based a""lications. To build all co$$unication on industr# standards to ensure t4at code based on t4e .NET (ra$e-or8 can inte/rate -it4 an# ot4er code. T4e .NET (ra$e-or8 4as t-o $ain co$"onentsE t4e co$$on lan/ua/e runti$e and t4e .Net (ra$e-or8 class librar#. T4e co$$on lan/ua/e runti$e is t4e (oundation o( t4e .NET (ra$e-or8. Lou can t4in8 o( t4e runti$e as an a/ent t4at $ana/es code at

e6ecution ti$e5 and re$o'in/ -4ile also en(orcin/ strict t#"e sa(el# and ot4er (or$s o( code accurac# t4at ensure securit# and robustness in (act t4e conce"t o( code $ana/e$ent is a (unda$ental "rinci"le o( t4e runti$e. Code t4at tar/ets t4e runti$e is 8no-n as $ana/ed code5 -4ile code t4at does not tar/et t4e runti$e is 8no-n as un $ana/ed code. T4e class librar#5 t4e ot4er $ain co$"onent o( t4e .NET (ra$e-or8s is a co$"re4ensi'e5 ob ect-oriented collection reusable t#"es t4at #ou can use to de'elo" a""lications ran/in/ (ro$ traditional co$$and line or /ra"4ical user inter(ace 90G)I; a""lications to a""lication base d on t4e latest inno'ations "ro'ided b# ASP.NET5 suc4 as -eb (or$s and G:F -eb ser'ices. T4e .NET (ra$e-or8 can be 4osted b# un$ana/ed co$"onent t4at load t4e co$$on lan/ua/e runti$e into t4eir "rocesses and initiate t4e e6ecution o( $ana/ed code. ASP.NET -or8s directl# -it4 t4e runti$e to enable ASP.NET a""lication and G:F -eb ser'ices5 bot4 o( -4ic4 are discussed later in t4is to"ic5 Internet e6"lorer is an e6a$"le o( un$ana/ed a""lication t4at 4osts t4e runti$e 9in t4e (or$ o( a :I:E t#"e e6tension;. )sin/ internet e6"lorer to t4e 4ost runti$e enables #ou to e$bed $ana/ed co$"onents or -indo-s (or$s controls in ,T:F docu$ents. ,ostin/ t4e runti$e in t4is -a# $a8es $obile code 2si$ilar to :icroso(t Acti'e G controls; "ossible5 but -it4 si/ni(icant i$"ro'e$ent t4at onl# $ana/ed code can o((er5 suc4 as se$i-trusted e6ecution and secure isolated (ile stora/e. T4e (ollo-in/ illustration s4o-s t4e relations4i" o( t4e co$$on lan/ua/e runti$e and t4e class librar# to #our a""lication and to t4e o'erall s#ste$. T4e illustration also s4o-s 4o- $ana/ed code o"erated -it4 in a lar/er arc4itecture. >e can use t4e .NET (ra$e-or8 to de'elo" t4e (ollo-in/ t#"es o( a""lication and ser'icesE Console a""lications

>indo- G)I a""lication 9>indo-s 0or$s; ASP.NET a""lications G:F >eb ser'ices >indo-s ser'ices

Co&&on 7anguage Runti&e :C7R; T4e co$$on lan/ua/e runti$e 9CF*; is res"onsible (or runt-ti$e ser'ices suc4 as lan/ua/e inte/rationB securit# en(orce$entB and $e$or#5 "rocess and t4read $ana/e$ent. In addition5 it 4as a roll at de'elo"$ent ti$e -4en (eatures suc4 as li(e c#cle $ana/e$ent stron/ t#"e na$in/5 cross-lan/ua/e e6ce"tion 4andlin/5 d#na$ic bindin/ and so on5 reduce t4e a$ount o( code t4at a de'elo"er $ust -rite to turn t4e business lo/ic t4e reusable co$"onent. T4e runti$e can be 4osted b# 4i/4 "er(or$ance5 ser'er-side a""lications5 suc4 a s :icroso(t Internet In(or$ation Ser'ices 9IIS; (or buildin/ -eb a""lications -it4 ASP.NE and t4e ne6t release o( :icroso(t SMF Ser'er. T4is in(rastructure enables #ou to use code <$ana/ed < b# t4e .NET (ra$e-or8 to -rite #our business lo/ic5 -4ile still en o#in/ t4e su"erior "er(or$ance o( t4e industr#As best enter"rises ser'ers t4at su""ort runti$e 4ostin/. AS/.N T ASP.NET is a set o( :icroso(t.NET (ra$e-or8 tec4nolo/ies used (or buildin/ -eb a""lications and G:F >eb ser'ices. ASP.NET "a/e e6ecute on t4e ser'er and /enerate $ar8u" suc4 as ,T:F5 >:F or G:F t4at is sent to a des8to" or $obile bro-ser. ASP.NET "a/es use a co$"iled5 e'ent-dri'en "ro/ra$$in/ $odel t4at i$"ro'es "er(or$ance and enables t4e se"aration o( a""lication lo/ic and user inter(ace. 3ot4 ASP.NET "a/es and ASP.NET -eb ser'ices (iles contain ser'er-side 9as o""osed to

client side lo/ic; -ritten in Cisual basic .NET5 CN.NET or an# .NET co$"atible lan/ua/e5 >eb a""lications and G:F >eb Ser'ices ta8e ad'anta/e o( t4e (eatures o( t4e co$$on lan/ua/e runti$e5 suc4 as t#"e sa(et#5 in4eritance5 lan/ua/e5 intero"erabilit#5 'ersionin/5 and inte/rated securit#.

IIS :icroso(t Internet In(or$ation S.er'ices 9IISB (or$erl# called Ser'er is a set o( Internetbased ser'ices (or ser'ers usin/ :icroso(t >indo-s. It is t4e -orldAs second $ost "o"ular -eb ser'er in ter$s o( o'erall -ebsites. As o( Se"te$ber 2&&% it ser'ed 3..2.O o( all -ebsites and 36.63O o( all acti'e -ebsites accordin/ to Net cra(t. T4e ser'ers currentl# include 0TP5 S:TP5 NNTOP5 and ,TTP?,TTPS. AD).N T A!O.NET "ro'ides consistent access to data sources suc4 a :icroso(t SMF Ser'er and G:F5 as -ell as to data sources e6"osed t4rou/4 OFE !3 and O!3C. !ata s4arin/ consu$er a""lications can use A!O.NET to connect to t4ese data sources and retrie'e5 $ani"ulate and u"date t4e data t4at t4e# contain. A!O.NET se"arates data access (ro$ data $ani"ulation into discrete co$"onents t4at can be used se"aratel# or in tande$. A!O.NET includes .NET 0ra$e -or8 data

"ro'iders (or connectin/ to a database5 e6ecutin/ co$$ands and retrie'in/ results. T4ose results are eit4er "rocessed directl#5 "laced in and A!O.NET !ataset ob ects in order to be e6"osed to t4e used in an ad 4oc $anner5 co$bined -it4 data (ro$ $ulti"le sources or re$ote bet-een tiers. T4e A!O.NET !ataset ob ect can also be used

inde"endentl# o( a .NET 0ra$e-or8 data "ro'ider to $ana/e data local to t4e a""lication or sourced (ro$ G:F.

T4e A!O.NET classes are (ound in S#ste$.!ata.dll and are inte/rated -it4 t4e G:F classes (ound in S#ste$.G$l.dll. >4en co$"ilin/ code t4at uses t4e S#ste$. !ata5 na$es"ace re(erence bot4 S#ste$.!ata.dll and S#ste$.G$l.dll.

A!O.NET "ro'ided (unctionalit# to de'elo"ers -ritin/ $ana/ed code si$ilar to t4e (unctionalit# "ro'ided to nati'e co$"onent ob ect $odel 9CO:; de'elo"ers b# Acti'eG !ata Ob ects 9A!O;. AD).N T C)M/)N NTS T4ere are t-o co$"onents o( A!O.NET t4at #ou can use to access and $ani"ulate dataE .NET 0ra$e-or8 data "ro'iders. T4e !ataset

.Net .ra&ework Data /roviders T4e .NET 0ra$e-or8 !ata "ro'iders are co$"onents t4at 4a'e been e6"licitl# desi/ned (or data $ani"ulation and (ast5 (or-ard-onl#5 read-onl# access to data. T4e connection ob ect "ro'ides connecti'it# to a data source. T4e co$$and ob ect enables access to database co$$ands to return data5 $odi(# data5 run stored "rocedures and send or retrie'e "ara$eter in(or$ation. T4e !ata Ada"ter "ro'ides a 4i/4-"er(or$ance strea$ o( data (ro$ t4e data source. 0inall#5 t4e !ata Ada"ter "ro'ides t4e brid/e bet-een t4e !ataset ob ect and t4e data source. T4e !ata Ada"ter uses co$$and ob ect to e6ecute SMF co$$ands at t4e data source to bot4 load t4e !ataset -it4 data and reconcile c4an/es $ade to t4e data in t4e !ataset bac8 to t4e data source. The Dataset T4e A!O.NET !ataset is e6"licitl# desi/ned (or data access inde"endent o( an# data source. As a result5 it can be used -it4 $ulti"le and di((erin/ data sources used -it4 G:F data or used to $ana/e data local to t4e a""lication. T4e !ataset contains a

collection n o( one or $ore !ata Table ob ects $ade u" to ro-s and colu$ns o( data as -ell as "ri$ar# 8e#5 (orei/n 8e#5 constraint and relation in(or$ation about t4e data in t4e !ata Table ob ects.

Bene%its o% Ado.Net A!O.NET o((ers se'eral ad'anta/es o'er "re'ious 'ersions o( A!O and o'er ot4er data access co$"onents. T4ese bene(its (all into t4e (ollo-in/ cate/oriesE Intero"erabilit# :aintainabilit# Pro/ra$$abilit# Salabilit#

Microso%t Data Access Co&ponents :icroso(t !ata Access Co$"onents 9:!AC; is a collection o( core (iles "ro'ided to 4el" a""lications b# "ro'idin/ a $eans o( accessin/ data. :!AC includes core (iles (or O"en !atabase Connecti'it# 9O!3C;5 Acti'eG !ata Ob ects 9A!O;5 OFE!35 Net-or8 libraries and client con(i/uration tool (or SMF Ser'er. !e"endin/ on #our data access strate/#5 #ou $a# need to ensure t4at :!AC is installed on t4e client co$"uters5 t4e business ser'ers5 t4e >eb ser'ers or t4e database ser'ers. :!AC 2.6 or later is re+uired b# t4e .NET 0ra$e-or8 and at least :!AC 2.% SP1 is reco$$ended.

So%tware Testing Testin/ is t4e "rocess o( detectin/ errors. Testin/ "er(or$s a 'er# critical role (or +ualit# assurance and (or ensurin/ t4e reliabilit# o( so(t-are. /s!cholog! o% Testing T4e ai$ o( testin/ is o(ten to de$onstrate t4at a "ro/ra$ -or8s b# s4o-in/ t4at it 4as no errors. T4e basic "ur"ose o( testin/ "4ase is to detect t4e errors t4at $a# be "resent in t4e "ro/ra$. ,ence one s4ould not start testin/ -it4 t4e intent o( s4o-in/ t4at a "ro/ra$ -or8s5 but t4e intent s4ould be to s4o- t4at a "ro/ra$ doesnAt -or8. Testin/ is t4e "rocess o( e6ecutin/ a "ro/ra$ -it4 t4e intent o( (indin/ errors. Testing )5<ectives: T4e $ain ob ecti'e o( testin/ is to unco'er a 4ost o( errors5 s#ste$aticall# and -it4 $ini$u$ e((ort and ti$e. Statin/ (or$all#5 -e can sa#5 Testin/ is a "rocess o( e6ecutin/ a "ro/ra$ -it4 t4e intent o( (indin/ an error. A success(ul test is one t4at unco'ers an as #et undisco'ered error. A /ood test case is one t4at 4as a 4i/4 "robabilit# o( (indin/ error5 i( it e6ists. T4e tests are inade+uate to detect "ossibl# "resent errors.

T4e ste"s in'ol'ed in Testin/ areE #nit Testing: )nit testin/ (ocuses 'eri(ication e((orts on t4e s$allest unit o( t4e so(t-are desi/n5 t4e $odule. T4is is also 8no-n as <:odule Testin/=. T4e $odules are tested se"aratel#. T4is testin/ carried out durin/ "ro/ra$$in/ sta/e itsel(. In t4is testin/ eac4 $odule is (ound to be -or8in/ satis(actoril# as re/ards to t4e e6"ected out"ut (ro$ t4e $odule.

Integration Testing: !ata can be /rossed across an inter(aceB one $odule can 4a'e ad'erse e((orts on anot4er. Inte/ration testin/ is s#ste$atic testin/ (or construction t4e "ro/ra$ structure -4ile at t4e sa$e ti$e conductin/ tests to unco'er errors associated -it4 in t4e inter(ace. T4e ob ecti'e is to ta8e unit tested $odules and build a "ro/ra$ structure. All t4e $odules are co$bined and tested as a -4ole. ,ere correction is di((icult because t4e isolation o( cause is co$"licate b# t4e 'ast e6"ense o( t4e entire "ro/ra$. T4us in t4e inte/ration testin/ sto"5 all t4e errors unco'ered are corrected (or t4e te6t testin/ ste"s. S!ste& Testing: S#ste$ testin/ is t4e sta/e o( i$"le$entation t4at is ai$ed at ensurin/ t4at t4e s#ste$ -or8s accuratel# and e((icientl# (or li'e o"eration co$$ences. Testin/ is 'ital to t4e success o( t4e s#ste$. S#ste$ testin/ $a8es a lo/ical assu$"tion t4at i( all t4e "arts o( t4e s#ste$ are correct5 t4en /oal -ill be success(ull# ac4ie'ed. T4e (our $a or s#ste$ testin/ isE *eco'er# Testin/ Securit# Testin/ Stress Testin/ Per(or$ance Testin/

Recover! Testing: *eco'er# testin/ is a s#ste$ test t4at (orces t4e so(t-are to (ail in a 'ariet# o( -a#s and 'eri(ies t4at reco'er# is "ro"erl# "er(or$ed. I( reco'er# is auto$atic5 re-initiali7ation5 c4ec8"oint $ec4anis$s5 data reco'er#5 and restart are eac4 e'aluated (or correctness. I( reco'er# re+uires 4u$an inter'ention5 t4e $ean ti$e to re"air is e'aluated to deter$ine -4et4er it is -it4in acce"table li$its.

Securit! Testing: Securit# testin/ atte$"ts to 'eri(# t4at "rotection $ec4anis$s built into a s#ste$ -ill5 in (act5 "rotect it (ro$ i$"ro"er "enetration. !urin/ securit# testin/5 t4e tester "la#s t4e role o( t4e indi'idual -4o desire to "enetrate t4e s#ste$. Gi'en enou/4 ti$e and resources5 /ood securit# testin/ -ill ulti$atel# "enetrate a s#ste$. T4e role o( t4e s#ste$ desi/ner is to $a8e "enetration cost $ore t4an t4e 'alue o( t4e in(or$ation t4at -ill be obtained. Stress Testing: !urin/ earlier so(t-are testin/ ste"s5 -4ite bo6 and blac8 bo6 tec4ni+ues resulted in a t4orou/4 e'aluation o( nor$al "ro/ra$ (unctions and "er(or$ance. Stress tests are desi/ned to con(ront "ro/ra$s -it4 abnor$al situations. /er%or&ance Testing: 0or real-ti$e and e$bedded s#ste$s5 so(t-are t4at "ro'ides re+uired (unction but does not con(ir$ to "er(or$ance re+uire$ents is unacce"table. Per(or$ance testin/ is

desi/ned to test t4e run-ti$e "er(or$ance o( so(t-are -it4in t4e conte6t o( an inte/rated s#ste$. Per(or$ance testin/ occurs t4rou/4out all ste"s in t4e testin/ "rocess. Per(or$ance tests are so$eti$es cou"led -it4 stress testin/ and o(ten re+uire bot4 4ard-are and so(t-are instru$entation. T4at is5 it is o(ten necessar# to $easure

resource utili7ation. 3# incre$entin/ a s#ste$5 t4e tester can unco'er situations t4at lead to de/radation and "ossible s#ste$ (ailure. 6alidation Testing: At t4e conclusion o( inte/ration testin/ so(t-are is co$"letel# asse$bled as a "ac8a/e5 inter(acin/ errors 4a'e been unco'ered and corrected and a (inal series o( so(t-are tests be/ins5 'alidation test be/ins. Calidation test can be de(ined in $an# -a#s. 3ut t4e si$"le de(inition is t4at 'alidation succeeds -4en t4e so(t-are (unction in a $anner t4at

can reasonabl# e6"ected b# t4e custo$er. A(ter 'alidation test 4as been conducted one o( t-o "ossible conditions e6ists. One is t4e (unction or "er(or$ance c4aracteristics con(ir$ to s"eci(ications and are acce"ted and t4e ot4er is de'iation (ro$ s"eci(ication is unco'ered and a de(icienc# list is created. Pro"osed s#ste$ under consideration 4as been tested b# usin/ 'alidation testin/ and (ound to be -or8in/ satis(actoril#. )utput Testing: A(ter "er(or$in/ 'alidation testin/5 t4e ne6t ste" is out"ut testin/ o( t4e "ro"osed s#ste$ since no s#ste$ could be use(ul i( it does not "roduce t4e re+uired out"ut in t4e s"eci(ied (or$at. As8in/ t4e users about t4e (or$at re+uired b# t4e$ tests t4e out"uts /enerated b# t4e s#ste$ under consideration. ,ere t4e out"ut (or$at is considered in t-o -a#s5 one is on t4e screen and ot4er is t4e "rinted (or$at. T4e out"ut (or$at on t4e screen is (ound to be correct as t4e (or$at -as desi/ned in t4e s#ste$ desi/ned "4ase accordin/ to t4e user needs. 0or t4e 4ard co"# also t4e out"ut co$es as t4e s"eci(ied re+uire$ents b# t4e users. ,ence out"ut testin/ does not result an# corrections in t4e s#ste$. #ser Acceptance Testing: )ser acce"tance o( a s#ste$ is t4e 8e# (actor o( t4e success o( an# s#ste$. T4e s#ste$ under stud# is tested (or t4e user acce"tance b# constantl# 8ee"in/ in touc4 -it4 t4e "ros"ecti'e s#ste$ users at t4e ti$e o( de'elo"in/ and $a8in/ c4an/es -4ere'er re+uired. Test Data: Ta8in/ 'arious 8inds o( test data does t4e abo'e testin/. Pre"aration o( test data "la#s a 'ital role in t4e s#ste$ testin/ a(ter "re"arin/ t4e test data t4e s#ste$ under stud# is tested usin/ t4e test data. >4ile testin/ t4e s#ste$ b# usin/ t4e test data errors are a/ain

unco'ered and corrected b# usin/ abo'e testin/ ste"s and corrections are also noted (ro$ t4e (uture use. Testing: T4e testin/ done 4ere -as S#ste$ Testin/Pc4ec8in/ -4et4er t4e user re+uire$ents -ere satis(ied. T4e code (or t4e ne- s#ste$ 4as been -ritten co$"letel# usin/ ISP as t4e codin/ lan/ua/e5 ,T:F as t4e inter(ace (or (ront-end desi/nin/ and Ia'a Scri"t (or 'alidatin/ t4e client-side a""lications. T4e ne- s#ste$ 4as been tested -ell -it4 t4e 4el" o( t4e users and all t4e a""lications 4a'e been 'eri(ied (ro$ e'er# noo8 and corner o( t4e user. Alt4ou/4 so$e a""lications -ere (ound to be erroneous t4ese a""lications 4a'e been corrected be(ore bein/ i$"le$ented. T4e (lo- o( t4e (or$s 4as been (ound to be 'er# $uc4 in accordance -it4 t4e actual (lo- o( data.

DATA .7), DIA*RAMS:

Fig: 1

Fig: 2

.ile #ploads Ta5le:

C*EATE TA3FE QdboR.Qu"loadsR9 QsnoR Qn'arc4arR95&; N)FF5 Q(na$eR Qn'arc4arR925&; N)FF5 Qcata/or#sR Qn'arc4arR925&; N)FF5 Qe(na$eR Qn'arc4arR925&; N)FF5 Q(ilesR Q'arbinar#R9$a6; N)FF5 Qe6tensionR Qn'arc4arR925&; N)FF5 Qlen/t4R Qn'arc4arR925&; N)FF5 Q7i"sR Qn'arc4arR925&; N)FF ; ON QP*I:A*LR GO SET ANSISPA!!ING O00 GO

.ile #sage Ta5le:

C*EATE TA3FE QdboR.Q(ileusa/eR9 QsnoR Qn'arc4arR95&; N)FF5 Q(na$eR Qn'arc4arR9$a6; N)FF5 QcountsR Qn'arc4arR95&; N)FF ; ON QP*I:A*LR GO

.ile Download Ta5le:

C*EATE TA3FE QdboR.Qdo-nloadsR9 QsnoR Qn'arc4arR95&; N)FF5 Q(na$eR Qn'arc4arR915&; N)FF5 Quna$eR Qn'arc4arR915&; N)FF5 Q$ailidR Qn'arc4arR95&; NOT N)FF5 QcellsR Qnc4arR91&; N)FF ; ON QP*I:A*LR GO

Ad&in Ta5le:

C*EATE TA3FE QdboR.QAd$insR9 QI!R Qbi/intR I!ENTITL9151; NOT N)FF5 Quna$eR Qn'arc4arR95&; N)FF5 Q"assR Qn'arc4arR95&; N)FF5 CONST*AINT QPDSAd$insR P*I:A*L DEL CF)STE*E! 9 QI!R ASC ;>IT, 9PA!SIN!EG IGNO*ES!)PSDEL T T O005 STATISTICSSNO*ECO:P)TE O005 AFFO>S*O>SFOCDS T O005 T ON5

AFFO>SPAGESFOCDS T ON; ON QP*I:A*LR ; ON QP*I:A*LR GO

Fo/in Pa/eE

,o$e Pa/eE

0ile )"loadE

!o-nload !etailsE

Searc4 Pa/eE

Searin/ 0ile *e/istration Pa/eE

!o-nload Con(or$ation Pa/eE

C4an/e Pass-ordE

18. Conclusion: >e de(ine and sol'e t4e "roble$ o( $ulti-8e#-ord ran8ed searc4 o'er encr#"ted cloud data5 and be/in a 'ariet# o( "ri'ac# re+uire$ents. A$on/ di((erent $ulti-8e#-ord se$antics5 -e c4oose t4e e((icient "rinci"le o( <coordinate $atc4in/=5 as $an# $atc4es as "ossible5 to e((ecti'el# ca"ture si$ilarit# bet-een +uer# 8e#-ords and outsourced docu$ents5 and use <inner "roduct si$ilarit#= to +uantitati'el# (or$ali7e suc4 a "rinci"le (or si$ilarit# $easure$ent. 0or $eetin/ t4e c4allen/e o( su""ortin/ $ulti8e#-ord se$antic -it4out "ri'ac# breac4es5 t4e "ro"ose a basic :*SE sc4e$e usin/ secure inner "roduct co$"utation5 and si/ni(icantl# i$"ro'e it to ac4ie'e "ri'ac# re+uire$ents in t-o le'els o( t4reat $odels. T4orou/4 anal#sis in'esti/atin/ "ri'ac# and e((icienc# /uarantees o( "ro"osed sc4e$es is /i'en5 and e6"eri$ents on t4e real--orld dataset s4o- our "ro"osed sc4e$es introduce lo- o'er4ead on bot4 co$"utation and co$$unication.

>e 4a'e "resented a 'ie- o( cross-site and cross-do$ain collaborati'e securit# b# -a# o( s4arin/ content-based alerts a$on/ sites. It is to e'er#oneAs bene(it to s4are i$"ortant in(or$ation -it4out 'iolatin/ "olicies t4at in4ibit t4e disclosure o( in(or$ation. In "articular5 content-based alerts /enerated b# locall#-trained "a#load ano$al# detectors re'eals an o""ortunit# to detect t4e earl# onset o( 7ero-da# -or$ or tar/eted attac8s. >e "resented a co$"arati'e e'aluation o( alternati'e correlation strate/ies and accurac# $easures usin/ test data sets -it4 8no-n -or$ e6"loits5 and included a "ro"osed esti$ate o( t4e <"ri'ac# /ain= eac4 $et4od a((ords. T4is is i$"ortant in a""roac4in/ t4e "roble$ anal#ticall# in order to 4el" brea8 do-n barriers to collaboration. >e (ind t4at cross-site and cross-do$ain "ri'ac#-"reser'in/ <sus"ect "a#load= alert s4arin/ is

(easible and use(ul as re'ealed in t4e anal#sis o( 3loo$ (iltered c4an/ed alerts encodin/ sus"ect ano$alous n-/ra$s. T4e tec4ni+ues 4old "ro$ise (or ot4er "ur"oses as -ell. 0or e6a$"le5 sites $a# e6c4an/e t4eir res"ecti'e ano$al# detection $odels to $easure t4eir res"ecti'e <content (lo- di'ersit#=5 enablin/ esti$ation o( t4e relati'e 'alue o( di((erent ano$al# alerts /enerated b# di((erent sites. :ore si$ilar sites $a# 4a'e a 4i/4er c4ance o( detectin/ co$$on e6"loits. 0inall#5 "ri'ac#-"reser'in/ content alerts $a# also be use(ul (or ot4er "roble$s5 suc4 as collaborati'e s"a$ (ilterin/5 sus"icious content detection (or co$$and-and-control data strea$s5 etc.

.#T#R ,)R" >ide-scale de"lo#$ent5 cross-site e'aluation. T4ese tec4ni+ues are s"eci(icall# desi/ned to be de"lo#ed at $an# encla'es to increase t4e correlation "o-er and con(idence "ro'ided b# sensors at di((erent sites -it4 di((erent content (lo-s. Our distributed collaborati'e intrusion detection "lat(or$ (ocused on slo-5 stealt4# alert scan correlation -it4 COTS I!S sensors. >e are inte/ratin/ t4e -or8 re"orted in t4is "a"er -it4 a ne- and substantiall# di((erent content e6c4an/e and s4arin/ net-or8 8no-n as !NA!-2 9!istributed Net-or8 Ano$al# !etection; and see8 collaborators to s4are t4eir res"ecti'e sus"icious content detected b# -4ate'er local sensors $a# be a'ailable to t4e$. Pol#$or"4ic?ob(uscated -or$ detection and $i$icr# attac8. As su//ested b# section .5 n-/ra$ anal#sis 4as t4e "otential o( detectin/ "ol#$or"4ic -or$s5 e./.5. >4ile t4e "roble$ beco$es si/ni(icantl# 4arder as "ol#$or"4ic -or$ en/ines launc4 $i$icr# attac8s to $as8 t4e$sel'es5 suc4 attac8s are /enerall# sites"eci(ic. Intersectin/ n-/ra$ 30s across sites $a# "ro'ide t4e o""ortunit# to identi(# e'en t4e (e- b#tes o( in'ariant co$$on <code= t4at a""ear an#-4ere in suc4 attac8s.

,a'in/ $ore 30s t4at can correlate t4ese s4ort re/ions increases t4e con(idence in 4a'in/ (ound t4e correct sni""ets. ,i/4-entro"# re/ions5 suc4 as t4ose containin/ "ol#$or"4ic or ob(uscated code5 -ould li8el# not be correlated.

11. BIB7I)*RA/+= T4e (ollo-in/ boo8s -ere re(erred durin/ t4e anal#sis and e6ecution "4ase o( t4e "ro ect

S).T,AR

N*IN

RIN*

3# *o/er s. Press$an

C)M/7 T +TM7

Ste'en ,ol7ner

#NI.I D M)D 7IN* 7AN*#A* 3# Grad# 3ooc45 *anbau/45 Iacobson

S27 .)R /R). SSI)NA7S 3# Iain

C>.N T Black Book 3# E'an/eleous Petersons

MSDN 3889 3# :icroso(t