Beruflich Dokumente
Kultur Dokumente
INTRODUCTION
1.1 GENERAL:
The prevalence of cloud computing may indirectly incur vulnerability to the confidentiality of
outsourced data and the privacy of cloud users. A particular challenge here is on how to guarantee that
only authorized users can gain access to the data, which has been outsourced to cloud, at anywhere and
anytime. One naive solution is to employ encryption technique on the data prior to uploading to cloud.
However, the solution limits further data sharing and processing. This is so because a data owner needs
to download the encrypted data from cloud and further re-encrypt them for sharing (suppose the data
owner has no local copies of the data). A fine-grained access control over encrypted data is desirable in
the context of cloud computing. Ciphertext-Policy Attribute-Based Encryption (CPABE) may be an
effective solution to guarantee the confidentiality of data and provide fine-grained access control here.
In a CP-ABE based cloud storage system, for example, organizations (e.g., a university such as the
University of Texas at San Antonio) and individuals (e.g., students, faculty members and visiting
scholars of the university) can first specify access policy over attributes of a potential cloud user.
Authorized cloud users then are granted access credentials (i.e., decryption keys) corresponding to their
attribute sets (e.g., student role, faculty member role, or visitor role), which can be used to obtain access
to the outsourced data. As a robust one-to-many encryption mechanism, CP-ABE offers a reliable
method to protect data stored in cloud, but also enables fine-grained access control over the data.
1.2. OBJECTIVE
We propose Crypt Cloud+, an accountable authority and revocable CPABE based cloud storage system
with white-box traceability and auditing. To the best of our knowledge, this is the first practical solution
to secure fine-grained access control over encrypted data in cloud. Specifically, in our work, we first
present a CP-ABE based cloud storage framework. Using this (generic) framework, we propose two
accountable authority and revocable CP-ABE systems (with white box traceability and auditing) that are
fully secure in the standard model, referred to as ATER-CP-ABE and ATIR-CPABE, respectively.
1
1.3 EXISTING SYSTEM:
Secure cloud storage, which is an emerging cloud service, is designed to protect the confidentiality of
outsourced data but also to provide flexible data access for cloud users whose data is out of physical
control. The existing CP-ABE based cloud storage systems fail to consider the case where access
credential is misused. For instance, a university deploys a CPABE based cloud storage system to
outsource encrypted student data to cloud under some access policies that are compliant with the
relevant data sharing and privacy legislation.
2
1.5 LITERATURE SURVEY
TITLE : Sedasc: Secure data sharing in clouds
AUTHOR : Mazhar Ali, Revathi Dhamotharan, Eraj Khan, Samee U. Khan
YEAR : 2017
DESCRIPTION
Cloud storage is an application of clouds that liberates organizations from establishing in-house data
storage systems. However, cloud storage gives rise to security concerns. In case of group-shared data,
the data face both cloud-specific and conventional insider threats. Secure data sharing among a group
that counters insider threats of legitimate yet malicious users is an important research issue. In this
paper, we propose the Secure Data Sharing in Clouds (SeDaSC) methodology that provides: 1) data
confidentiality and integrity; 2) access control; 3) data sharing (forwarding) without using compute-
intensive re-encryption; 4) insider threat security; and 5) forward and backward access control.
DESCRIPTION
The cloud computing exhibits, remarkable potential to provide cost effective, easy to manage, elastic,
and powerful resources on the fly, over the Internet. The cloud computing, upsurges the capabilities of
the hardware resources by optimal and shared utilization. The above mentioned features encourage the
organizations and individual users to shift their applications and services to the cloud. Even the critical
infrastructure, for example, power generation and distribution plants are being migrated to the cloud
computing paradigm. However, the services provided by third-party cloud service providers entail
additional security threats. The migration of user’s assets (data, applications, etc.) outside the
administrative control in a shared environment where numerous users are collocated escalates the
security concerns. This survey details the security issues that arise due to the very nature of cloud
computing.
3
TITLE : Attribute-based encryption supporting direct/indirect revocation modes
AUTHOR : Nuttapong Attrapadung and Hideki Imai.
YEAR : 2009
DESCRIPTION
Attribute-based encryption (ABE) enables an access control mechanism over encrypted data by
specifying access policies among private keys and ciphertexts. In this paper, we focus on ABE that
supports revocation. Currently, there are two available revocable ABE schemes in the literature. Their
revocation mechanisms, however, differ in the sense that they can be considered as direct and indirect
methods. Indirect revocation enforces revocation by the key authority who releases a key update
material periodically in such a way that only non-revoked users can update their keys (hence, revoked
users’ keys are implicitly rendered useless). An advantage of the indirect method over the direct one is
that it does not require senders to know the revocation list. In contrast, an advantage of the direct method
over the other is that it does not involve key update phase for all non-revoked users interacting with the
key authority. In this paper, we present the first Hybrid Revocable ABE scheme that allows senders to
select on-the-fly when encrypting whether to use either direct or indirect revocation
DESCRIPTION
A key distribution scheme for dynamic conferences is a method by which initially an trusted server
distributes private individual pieces of in- formation to a set of users. Later each member of any group
of users of given size can compute a common secure group key. In this setting any group of t users can
compute a common key by each user computing using only his private initial piece of information and
the identities of the other t - 1 users in the group. Keys are secure against coalition of to k users, that is,
even if k users pool together their pieces they cannot compute anything about a key of any t-size
conference comprised of other users. In this paper, we introduce an algorithm for such perfectly secure
scheme by using Pell's equation.
4
TITLE : Iot-based big data storage systems in cloud computing.
AUTHOR : Hongming Cai, Boyi Xu, Lihong Jiang, and Athanasios V. Vasilakos.
YEAR : 2017
DESCRIPTION
Internet of Things (IoT) related applications have emerged as an important field for both engineers and
researchers, reflecting the magnitude and impact of data-related problems to be solved in contemporary
business organizations especially in cloud computing. This paper first provides a functional framework
that identifies the acquisition, management, processing and mining areas of IoT big data, and several
associated technical modules are defined and described in terms of their key characteristics and
capabilities. Then current research in IoT application is analyzed, moreover, the challenges and
opportunities associated with IoT big data research are identified. We also report a study of critical IoT
application publications and research topics based on related academic and industry publications.
TITLE : Improved dual system ABE in prime-order groups via predicate encodings
AUTHOR : Jie Chen, Romain Gay, and Hoeteck Wee.
YEAR : 2015
DESCRIPTION
We present a modular framework for the design of efficient adaptively secure attribute-based encryption
(ABE) schemes for a large class of predicates under the standard k -Lin assumption in prime-order
groups; this is the first uniform treatment of dual system ABE across different predicates and across both
composite and prime-order groups. Via this framework, we obtain concrete efficiency improvements for
several ABE schemes. Our framework has three novel components over prior works: (i) new techniques
for simulating composite-order groups in prime-order ones, (ii) a refinement of prior encodings
framework for dual system ABE in composite-order groups, (iii) an extension to weakly attribute-hiding
predicate encryption (which includes anonymous identity-based encryption as a special case).
5
TITLE : jpbc: Java pairing based Cryptography
AUTHOR : Angelo De Caro and Vincenzo Iovino
YEAR : 2011
DESCRIPTION
It has been recently discovered that some cyclic groups that could be used in Cryptography admit a
special bilinear pairing map that introduces extra structure to the group. Bilinear pairing maps were first
used to break cryptosystems (see, for example,) and later it was realized that the extra structure could be
exploited to build cryptosystems with extra properties. Boneh and Franklins identity-based encryption
scheme is the most famous early example of what could be achieved using bilinear maps. After that, a
plethora of cryptosystems have been designed using bilinear maps. No full and freely available
implementation of pairing based cryptography was available until this work. Moreover, neither one of
implements pre-processing that is crucial to reduce the computation time. In this work, we present jPBC
a Java port of the PBC library written in C. jPBC provides a full ecosystem of interfaces and classes to
simplify the use of the bilinear maps even for a non-cryptographer.
DESCRIPTION
Currently, searchable encryption is a hot topic in the field of cloud computing. The existing
achievements are mainly focused on keyword-based search schemes, and almost all of them depend on
predefined keywords extracted in the phases of index construction and query. However, keyword-based
search schemes ignore the semantic representation information of users’ retrieval and cannot completely
match users’ search intention. In this paper, for the first time, we define and solve the problems of
semantic search based on conceptual graphs(CGs) over encrypted outsourced data in clouding
computing (SSCG).
6
CHAPTER 2
PROJECT DESCRIPTION
2.1 GENERAL:
An overview of the approach we use to realize the traceability of malicious cloud users, accountable
authority, auditing and malicious cloud users revocation is briefly introduced below. As previously
discussed, to trace malicious cloud users leaking access credentials, we use a Paillier-like encryption as
an extractable commitment to achieve white-box traceability. Specifically, the extractable commitment
allows us to commit the identity of a user when he/she requests for access credential.
The commitment is regarded as a part of the credential. Due to the hiding and binding technique of
the Paillier-like extractable commitment, a user cannot reveal and further “modify” the identity which is
“encoded” in the credential. The algorithm Trace allows us to use a trapdoor for the commitment to
recover the user’s identity from the corresponding credential.
2.2 METHODOLOGIES
2.2.1 MODULES NAME:
This project having the following six modules:
User Interface Design
Data Owners
Public Cloud Server (Encrypt Data Storage Server & Decrypt )
Auditor
User
Admin
7
2.2.2 USER INTERFACE DESIGN:
Welcom
e Page
Public Cloud
Login server Server
Registrati
on
Page
8
2.2.3 DATA OWNERS
DataOwner1
Data Owner1 Register &
Login
Data Owner2
Security Key
Generation & View
Files
9
2.2.4 PUBLIC CLOUD SERVER:
PC Server
10
2.2.5 Auditor:
Auditor Login
Traceability of
malicious cloud
users.
11
2.2.6 USER (AUTHORIZED USER & UNAUTHORIZED USER)
User Login
12
2.2.7 ADMIN
Admin Login
Display All
Admin Page DO Details Cloud Database
Display All
User Details
13
2.2.8 GIVEN INPUT EXPECTED OUTPUT:
User Interface
Input: Enter login name and password.
Output: If valid user means directly open the home page otherwise show the error message and redirect
to the registration page.
Data Owners
Input: Data Owners name, Password and Server Name
Output: Data Owners Upload files, encrypting files, key generating, view upload files, view user
profiles.
Auditor
Input: Auditor authentication name and Password.
Output: Auditor view all users details then given activation & Trace malicious cloud users.
User
Input: User register, login, decrypts files, download files and verify.
Output: User tack all permission to auditor action after that verify DO also.
Admin
Input: Admin login, verify encryption data key and verify data.
Output: On clicking on each hyperlink he will be able to see what operations DO, Traceability Details
& Users are doing in the cloud.
14
2.3 TECHNIQUE USED OR ALGORITHM USED
AES algorithm.
Cryptographic algorithm that can be used to protect electronic data. It is used for both encrypting and
decrypting the data. In the context of Attribute-Based Encryption (ABE), Sahai and Waters initially
introduce the notion of ABE, which is subsequently formalized Specifically, Goyal et al. define Key-
Policy Attribute-Based Encryption (KP-ABE) and Ciphertext-Policy Attribute-Based Encryption (CP-
ABE). Since then, a range of ABE schemes have been proposed in the literature While these schemes
are designed to achieve better efficiency, expressiveness and security, they do not address traceability
and revocation issues. Li et al. introduce the notion of accountable CP-ABE to prevent unauthorized key
distribution among colluded users. In a later work a user accountable multi-authority CP-ABE system is
proposed. Liu et al. also proposed white-box and black-box traceability 1 CP-ABE systems supporting
policy expressiveness in any monotone access structures. Propose several practical CP-ABE systems
with white-box traceability and black-box traceability. Provide a tracing mechanism of CP-ABE to find
the leaked access credentials in cloud storage system. A number of attribute revocation solutions for CP-
ABE systems have also been proposed in the literature. Define the problem of revocable storage and
provide a fully secure construction for ABE based on ciphertext delegation. Propose a revocable multi-
authority CP-ABE system that achieves both forward and backward security. More recently, Propose an
attribute updating method to achieve the dynamic change on attribute (such as revoking previous
attribute and re-granting previously revoked attribute). However, the aforementioned research works do
not consider the misbehavior of key generation authority, the feasibility of auditing, and the revocation
(of misbehaver). These are the problems that we target to address in this paper.
15
CHAPTER 3
REQUIREMENTS ENGINEERING
3.1 GENERAL
The PC is honest-but-curious in the sense that it may curiously gather more information about the
outsourced (encrypted) data but will not deviate from the specification (i.e. correctly executing tasks
assigned by DOs). AT is semi trusted in the sense that it may (re-)distribute access credentials to those
who are unauthorized but generate system parameters (to be shared with AU) honestly.
HARDWARE
PROCESSOR : PENTIUM IV 2.6 GHz, Intel Core 2 Duo.
RAM : 512 MB DD RAM
MONITOR : 15” COLOR
HARD DISK : 40 GB
16
SOFTWARE
FRONT END : J2EE (JSP, SERVLET)
BACK END : MY SQL 5.5
OPERATING SYSTEM : WINDOWS 7
IDE : ECLIPSE
17
6.The ATER-CP-ABE provides an explicitly revocation mechanism where a revocation list is specified
explicitly into the algorithm Encrypt, while the ATIRCP- ABE offers an implicitly revocation where the
encryption does not need to know the revocation list but a key update operation is required periodically.
18
CHAPTER 4
DESIGN ENGINEERING
4.1 GENERAL
Design Engineering deals with the various UML [Unified Modelling language] diagrams for the
implementation of project. Design is a meaningful engineering representation of a thing that is to be
built. Software design is a process through which the requirements are translated into representation of
the software. Design is the place where quality is rendered in software engineering. Design is the means
to accurately translate customer requirements into finished product.
4.2 USE CASE DIAGRAM
Register
Login
Upload Files
Data Owners
Auditor
Key Generated & Encrypted File
Users
Admin
19
4.3 CLASS DIAGRAM:
Uplaod : Upload
Public Cloud : Public Cloud User : User
Admin : Admin
Download : Download
21
4.5 STATE CHART DIAGRAM
Public Cloud
File Uploading
Register Successfully
User Login
Login
Admin Login
Login successfully
Auditor
Admin
24
4.8 ACTIVITY DIAGRAM
View Data
Encrypted Data
View User Details
Cloud Database
25
4.9 COMPONENT DIAGRAM
Admin
Decrypt &
Download Files
26
4.10 DATA FLOW DIAGRAM:
Level 0:
Auditor Login
Traceability of
malicious cloud users.
27
Level 2:
User Login
28
4.11 E-R DIAGRAM:
Userna Filenam
me e
PC Upload
Data
Server File
Owner
Encryp
Securit
Passwor t
y Key
d
Trust Authorize
Userna Name d
me Addre
ss
Validat Auditor
User Admin
e
Email Password
Passwo Checking Unauthoriz
rd ed
29
4.12 System Architecture
30
CHAPTER 5
DEVELOPMENT TOOLS
5.1 GENERAL
This chapter is about the software language and the tools used in the development of the project. The platform
used here is JAVA. The Primary languages are JAVA, J2EE and J2ME. In this project J2EE is chosen for
implementation.
Almost all collections in Java are derived from the java.util.Collection interface. Collection defines the
basic parts of all collections. The interface states the add() and remove() methods for adding to and
removing from a collection respectively. Also required is the toArray() method, which converts the
collection into a simple array of all the elements in the collection. Finally, the contains() method checks
if a specified element is in the collection. The Collection interface is a sub interface
of java.util.Iterable, so the iterator() method is also provided. All collections have an iterator that goes
through all of the elements in the collection. Additionally, Collection is a generic. Any collection can be
written to store any class. For example, Collection<String> can hold strings, and the elements from the
collection can be used as strings without any casting required.
There Are Three Main Types Of Collections:
Lists: always ordered, may contain duplicates and can be handled the same way as usual arrays
Sets: cannot contain duplicates and provide random access to their elements
33
Maps: connect unique keys with values, provide random access to its keys and may host
duplicate values
LIST
Lists are implemented in the JCF via the java.util.List interface. It defines a list as essentially a more
flexible version of an array. Elements have a specific order, and duplicate elements are allowed.
Elements can be placed in a specific position. They can also be searched for within the list. Two
concrete classes implement List. The first is java.util.ArrayList, which implements the list as an array.
Whenever functions specific to a list are required, the class moves the elements around within the array
in order to do it. The other implementation is java.util.LinkedList. This class stores the elements in
nodes that each have a pointer to the previous and next nodes in the list. The list can be traversed by
following the pointers, and elements can be added or removed simply by changing the pointers around
to place the node in its proper place.
SET:
Java's java.util.Set interface defines the set. A set can't have any duplicate elements in it.
Additionally, the set has no set order. As such, elements can't be found by index. Set is implemented
by java.util.HashSet,java.util.LinkedHashSet, and java.util.TreeSet. HashSet uses a hash table. More
specifically, it uses a java.util.HashMap to store the hashes and elements and to prevent duplicates.
Java.util.LinkedHashSet extends this by creating a doubly linked list that links all of the elements by
their insertion order. This ensures that the iteration order over the set is
predictable. java.util.TreeSet uses a red-black tree implemented by a java.util.TreeMap. The red-black
tree makes sure that there are no duplicates. Additionally, it allows Tree Set to
implement java.util.SortedSet.
The java.util.Set interface is extended by the java.util.SortedSet interface. Unlike a regular set, the
elements in a sorted set are sorted, either by the element's compareTo() method, or a method provided to
the constructor of the sorted set. The first and last elements of the sorted set can be retrieved, and subsets
can be created via minimum and maximum values, as well as beginning or ending at the beginning or
ending of the sorted set. The SortedSet interface is implemented by java.util.TreeSet.
java.util.SortedSet is extended further via the java.util.NavigableSet interface. It's similar to
SortedSet, but there are a few additional methods. The floor(), ceiling(), lower(), and higher() methods
34
find an element in the set that's close to the parameter. Additionally, a descending iterator over the items
in the set is provided. As with SortedSet, java.util.TreeSet implements NavigableSet.
MAP:
Maps are defined by the java.util.Map interface in Java. Maps are simple data structures that associate a
key with a value. The element is the value. This lets the map be very flexible. If the key is the hash code
of the element, the map is essentially a set. If it's just an increasing number, it becomes a list. Maps are
implemented by java.util.HashMap, java.util.LinkedHashMap, and java.util.TreeMap. HashMap uses a
hash table. The hashes of the keys are used to find the values in various buckets. LinkedHashMap
extends this by creating a doubly linked list between the elements. This allows the elements to be
accessed in the order in which they were inserted into the map. TreeMap, in contrast to HashMap and
LinkedHashMap, uses a red-black tree. The keys are used as the values for the nodes in the tree, and the
nodes point to the values in the map.
THREAD:
Simply put, a thread is a program's path of execution. Most programs written today run as a single
thread, causing problems when multiple events or actions need to occur at the same time. Let's say, for
example, a program is not capable of drawing pictures while reading keystrokes. The program must give
its full attention to the keyboard input lacking the ability to handle more than one event at a time. The
ideal solution to this problem is the seamless execution of two or more sections of a program at the same
time.
CREATING THREADS:
Java's creators have graciously designed two ways of creating threads: implementing an interface and
extending a class. Extending a class is the way Java inherits methods and variables from a parent class.
In this case, one can only extend or inherit from a single parent class. This limitation within Java can be
overcome by implementing interfaces, which is the most common way to create threads. (Note that the
act of inheriting merely allows the class to be run as a thread. It is up to the class to start() execution, etc.)
Interfaces provide a way for programmers to lay the groundwork of a class. They are used to design the
requirements for a set of classes to implement. The interface sets everything up, and the class or classes
35
that implement the interface do all the work. The different set of classes that implement the interface
have to follow the same rules.
5.3 CONCLUSION
Swing's high level of flexibility is reflected in its inherent ability to override the native host operating
system (OS)'s GUI controls for displaying itself. Swing "paints" its controls using the Java 2D APIs,
rather than calling a native user interface toolkit. The Java thread scheduler is very simple. All threads
have a priority value which can be changed dynamically by calls to the threads setPriority() method .
Implementing the above concepts in our project to do the efficient work among the Server.
36
CHAPTER 6
IMPLEMENTATION
6.1 GENERAL
In the implementation part total project source code implemented. It will be useful for the user to
understand for the source code. It containts about the owner registration, user registration, admin login,
user login, data owner login.
This chapter describes the implementation of our project.
</body>
</html>
DataOwnerLogin.java
package com.User;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
38
import javax.servlet.http.HttpSession;
import com.Bean.DataOwnerBean;
import com.Connections.Connections;
import com.Implementations.Implementation;
import com.Interfaces.UserInterface;
@WebServlet("/DataOwnerLogin")
public DataOwnerLogin() {
super();
response.setContentType("text/html;charset=UTF-8");
String id=request.getParameter("id");
String password=request.getParameter("password");
String server=request.getParameter("server");
System.out.println("UserLogin");
39
bean1.setId(id);
bean1.setPassword(password);
bean1.setServer(server);
String result=ui.dataownerlogin1(bean1);
HttpSession session1=request.getSession();
session1.setAttribute("uid",id);
session1.setAttribute("uname",result);
session1.setAttribute("password",password);
session1.setAttribute("server",server);
String n1="DataOwner1";
String n2="DataOwner2";
String n3="DataOwner3";
HttpSession session=request.getSession();
try
String name=null;
Connection con=Connections.con();
Statement st = con.createStatement();
40
String sss = "select * from dataowner where id='"+id+"' && password='"+password+"' &&
server='"+server+"' ";
ResultSet rs=st.executeQuery(sss);
if(rs.next())
{ try {
Connection con1=Connections.con();
String sss1 = "select * from dataowner where id='"+id+"' && password='"+password+"' &&
server='"+server+"'";
ResultSet rs1=st1.executeQuery(sss1);
while(rs1.next())
name=rs1.getString("name");
session.setAttribute("sname",name);
if(name.equals(n1))
{ response.sendRedirect("adminhome.jsp");
else if(name.equals(n2))
{ response.sendRedirect("DataOwner2Home.jsp");
}
41
else if(name.equals(n3))
{ response.sendRedirect("DataOwner3Home.jsp");
} }
catch(Exception e2)
out.println(e2.getMessage());
} }
else {
response.sendRedirect("DataOwnerLogin.jsp?message=fail");
} }
catch(Exception e1)
out.println(e1.getMessage());
adminhome.jsp
HttpSession session2=request.getSession();
session.setAttribute("uid",uid);
session.setAttribute("uname",name);
System.out.println("PAGE id----"+uid);
System.out.println("PAGE NAME adminhome.jsp----"+name);
%>
<head>
<%@ page import="java.util.*" %>
<%@ page import="java.io.*" %>
<%@ page import="java.util.Random" %>
<center>
43
<a href="adminhome.jsp"><span style="color: white">Home</span></a>
<a href="file.jsp"><span style="color: white">DataOwner
Files</span></a>
<a href="UserProfile3.jsp"><span style="color:
white">UserProfiles</span></a>
<!-- <a href="inboxlogin.jsp">UserRequest</a> -->
<a href="index.jsp"><span style="color:
white">Logout</span></a>
</center>
<br/> <br/>
<center><p> <h1><span><font face="TimesNewRoman" color="white" size="6"> Upload Files In
DataOwner1 </font></span></h1> </p>
<table><tr>
<td><font face="TimesNewRoman" color="yellow" size="6">Add
File</font></td>
<td><input type="file" multiple="true" class="text"
name="upload" /></td>
</tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr></br>
<tr>
<td><font face="TimesNewRoman" color="yellow"
size="6">PublicKey</font></td>
44
<td><input type="text" maxlength="5" value="10000"
readonly="readonly"
class="text" /></td>
</tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr></br>
<tr>
<td><font face="TimesNewRoman" color="yellow"
size="6">Encrypted Key</font></td>
<td><input type="text" maxlength="4" id="key" name="key"
value="<%=(int)(Math.random()*10000)%>" readonly="readonly"
class="text" /></td>
</tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr></br>
<tr>
<td><font face="TimesNewRoman" color="yellow" size="6">Data
Owner Name</font></td>
<td><input type="text" name="keyword" value="<%=name %>"
readonly="readonly"
class="text" /></td>
</tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
45
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr></br>
<tr>
<td><td><input type="submit" value="SUBMIT" /></td></td>
</tr>
</table>
</form>
</center>
</body>
</html>
UploadFile.java
package com.Upload;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
46
import java.io.ObjectOutputStream;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.Bean.Filebean;
import com.Implementations.Implementation;
import com.Interfaces.UserInterface;
import com.oreilly.servlet.MultipartRequest;
47
import com.oreilly.servlet.multipart.FilePart;
import com.oreilly.servlet.multipart.MultipartParser;
import com.oreilly.servlet.multipart.ParamPart;
import com.oreilly.servlet.multipart.Part;
import encryption.Publickey;
import encryption.security;
/**
*/
@WebServlet("/UploadFile")
/**
* @see HttpServlet#HttpServlet()
*/
public UploadFile() {
super();
48
protected void doGet(HttpServletRequest request,
/**
* response)
*/
String key=null;
49
double fileSize = 0;
String searchkey=request.getParameter("keyword");
HttpSession session=request.getSession();
username=(String) session.getAttribute("username");
System.out.println(fileToupload);
+ "VTJCC09_2018\\WebContent\\CloudServer\\";
/*String metadatafile=fileTouploads.substring(0,
fileTouploads.indexOf("."))+"Cloud\\WebContent\\CloudDataBase\\metadata\\";*/
/*System.out.println(metadatafile);*/
if (part.isFile()) {
filename = filePart.getFileName();
/*metadatafile=metadatafile+filename;*/
50
File uploadedFile = new File(fileToupload);
type = filePart.getContentType();
fileSize = filePart.writeTo(uploadedFile);
upload.setUploadcontent(fis);
// filePart.writeTo(metaupload);
path = fileToupload;
} else if (part.isParam()) {
paramValues.add(tagValue);
key=tagValue;
System.out.println("key="+key);
51
System.out.println(paramValues);
int status = 0;
upload.setFilename(filename);
upload.setType(type);
upload.setSize(fileSize + "");
upload.setPath(path);
upload.setUploadcontent(fis);
System.out.println("path="+path);
Iterator it=paramValues.iterator();
boolean result;
int num = 0;
while(it.hasNext())
arr[num]=(String) it.next();
// System.out.println(it.next());
num++;
upload.setKey(arr[0]);
upload.setUsername(arr[1]);
52
System.out.println(upload.getKey()+"=key");
//SqlMethodsInterface I = SqlMethodsImplementation.getImplementation();
status = I.fileupload(upload);
System.out.println(status);
String fullpath=getServletContext().getRealPath("/");
int a=fullpath.indexOf('.');
String filePath=cutpath+"VTJCC09_2018\\WebContent\\CloudDataBase\\metadata\\";
if (status >0)
{ String path1=filePath+key+".txt";
try{
ArrayList list=u.upload(upload);
53
Iterator iterator=list.iterator();
while (iterator.hasNext()) {
username=iterator.next().toString();
filename=iterator.next().toString();
type=iterator.next().toString();
path=iterator.next().toString();
key=iterator.next().toString();
54
printWriter.close();*/
oout.close();
security.main(null);
ex.printStackTrace();
response.sendRedirect("success.jsp");
else{
response.sendRedirect("upload.jsp");
55
CHAPTER 7
SNAPSHOTS
7.1 GENERAL:
This project is implements like web application using COREJAVA and the Server process is
maintained using the SOCKET & SERVERSOCKET and the Design part is played by Cascading Style
Sheet.
7.2 SNAPSHOTS
The software requirements provide a basis for creating the software requirements specification. Here we
are using Mysql 5.5 as a Backend for the process. SQL language is for adding, accessing and managing
content in a database. It is most noted for its quick processing, proven reliability, ease and flexibility of
use.
56
Fig 7.2: IDE-Eclipse
The above figure Illustrate that we are using Eclipse as a IDE for the process, It is an integrated
development environment (IDE) used in computer programming, and is the most widely used Java IDE.
It contains a base workspace and an extensible plug-in system for customizing the environment.
57
Fig 7.3: Login/Server-Welcome page
The above figure Illustrates the Login Welcome page where the user can access the other options as in
Home page , Data Owner, User, Auditor and Admin Login.
58
Fig 7.4: Registration Page
The above figure illustrate the Registration page for the User where in the user can access the different
pages of the cloud starting with Data owner by registering into the server by giving in required details.
59
Fig 7.5: Data Owner Login Details
The above Figure depicts the Login page of the Data Owner where in the user enters the ID and
password and Log in into the server to be able to upload and the access required files and information.
60
Fig 7.6: Upload Files in Data Owner 1
The above figure depicts the process of uploading the files in the Data owner 1, the page give an option
of adding the file and also represents the Public key and Encrypted key mentioning the Data Owner
Name.
61
Fig 7.7: Data Owner Login to check the files
The above figure depicts the data owner login page where the user enters the required data owner details
with password entry after adding the required files into the server.
62
Fig 7.8: User Registration Page
The above figure illustrates the User registration page where in the user enters all his details including
user ID, name, email ID, contact details and also represent as to in which server the user wishes to
register.
63
Fig 7.9: User Login
The above figure illustrates the User Login page where in the user checks if they can login into the
server after entering the registration details, this is done by entering the User ID,password and selecting
the required server.
64
Fig 7.10: Auditor Welcome Page
The above figure depicts the home page of the Auditor and one can view all the registered users.
Auditing is process of collecting and evaluating evidence of an organization's information systems,
practices, and operations.
65
Fig 7.11: Data Owner 1 File details
The above figure depicts the details of the Data Owner 1 server, representing the file, its size, search
key and a download button.
66
Fig 7.12: Data Owner 2 File details
Like wise the above figure represents the Data Owner 2 server details representing the file, its size,
search key and a download button.
67
Fig 7.13: Data Users List
After which the above figure depicts the details of all the data users list who all have accessed the server
mentioning there details which include user ID, name, password and contact details.
68
Fig 7.14: Admin Login
The above figure depicts the Admin login page where the admin can get into the system to access and
know all the details of the the various Data owners in the server, Login i sdone by mentioning the
Admin name and password.
69
Fig 7.15: All data Owner Details
The above picture depicts the list of all the Data owners and the no of files uploaded in them along with
their sizes and if required an option to delete them.
70
CHAPTER 8
SOFTWARE TESTING
8.1 GENERAL
The purpose of testing is to discover errors. Testing is the process of trying to discover every conceivable
fault or weakness in a work product. It provides a way to check the functionality of components, sub
assemblies, assemblies and/or a finished product It is the process of exercising software with the intent of
ensuring that the Software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of test. Each test type addresses a specific testing
requirement.
71
8.3.2 Functional Test
Functional tests provide systematic demonstrations that functions tested are available as specified by the
business and technical requirements, system documentation, and user manuals.
Functional testing is centered on the following items:
Valid Input : identified classes of valid input must be accepted.
Invalid Input : identified classes of invalid input must be rejected.
Functions : identified functions must be exercised.
Output : identified classes of application outputs must be exercised.
Systems/Procedures : interfacing systems or procedures must be invoked.
The task of the integration test is to check that components or software applications, e.g. components in a
software system or – one step up – software applications at the company level – interact without error.
72
8.3.6 Acceptance Testing
User Acceptance Testing is a critical phase of any project and requires significant participation by the end
user. It also ensures that the system meets the functional requirements.
Action: Expected:
74
8.4.3 DATA OWNER (SERVER) LOGIN:
Transparent server provides an authentication, which is a process of identifying an individual within a
network who has an account in a directory services [enable manual authentication with in web sense
software]. It contains the username and password credentials of the data owner, who provides data to the
organization.
Test case 3:
Action: Expected:
75
8.4.4 ADDING FILES:
The data owner has the access rights to add the Files and sub files in the server, the files can be
classified to several types and data is organized accordingly. The data owner adds files to classify and
provide access rights to the user.
Test case 4:
Test case: Adding files Priority(H,L):High
Test Environment:PC/Java
Action: Expected:
76
8.4.5 FILE ACCESSING:
The specified user can access the file related to their domain can request the data
owner to access the file. Then the data owner acknowledges the request and
provide the access rights accordingly. Then the user receives the response sent by
the data owner and can access the files. The user can change and modify the files
after obtaining the access rights.
Test case 5:
Test case: File accessing Priority(H,L):High
Action: Expected:
77
CHAPTER 9
APPLICATION
9.1 GENERAL
We propose the CryptCloud+. The system works as follows. AT first generates the system
parameters to setup the system and shares the entire system parameters (including public and
private parameters) with AU. It then publishes the public parameters. Also, AT generates access
credentials (i.e. decryption keys) for DUs according to their identities and attributes. DOs
encrypt their data under access policies (which are chosen by themselves) and then outsource the
encrypted data to PC. Any authorized DU is able to decrypt the outsourced ciphertexts to access
to the underlying data. A DU is authorized if the set of attribute he/she possesses satisfies the
access policy defined over the outsourced data.
78
CONCLUSION
In this work, we have addressed the challenge of credential leakage in CP-ABE based cloud
storage system by designing an accountable authority and revocable CryptCloud which supports
white-box traceability and auditing (referred to as CryptCloud+). This is the first CP-ABE based
cloud storage system that simultaneously supports white-box traceability, accountable authority,
auditing and effective revocation. Specifically, CryptCloud+ allows us to trace and revoke
malicious cloud users (leaking credentials). Our approach can be also used in the case where the
users’ credentials are redistributed by the semi-trusted authority. We note that we may need
black-box traceability, which is a stronger notion (compared to white-box traceability), in
CryptCloud.
79
REFERENCE
[1] Mazhar Ali, Revathi Dhamotharan, Eraj Khan, Samee U. Khan, Athanasios V. Vasilakos, Keqin
Li, and Albert Y. Zomaya. Sedasc: Secure data sharing in clouds. IEEE Systems Journal,
11(2):395–404, 2017.
[2] Mazhar Ali, Samee U. Khan, and Athanasios V. Vasilakos. Security in cloud computing:
Opportunities and challenges. Inf. Sci., 305:357–383, 2015.
[3] Michael Armbrust, Armando Fox, Rean Griffith, Anthony D Joseph, Randy Katz, Andy
Konwinski, Gunho Lee, David Patterson, Ariel Rabkin, Ion Stoica, et al. A view of cloud
computing. Communications of the ACM, 53(4):50–58, 2010.
[4] Nuttapong Attrapadung and Hideki Imai. Attribute-based encryption supporting direct/indirect
revocation modes. In Cryptography and Coding, pages 278–300. Springer, 2009.
[5] Amos Beimel. Secure schemes for secret sharing and key distribution. PhD thesis, PhD thesis,
Israel Institute of Technology, Technion, Haifa, Israel, 1996.
[6] Mihir Bellare and Oded Goldreich. On defining proofs of knowledge. In Advances in
Cryptology-CRYPTO’92, pages 390–420. Springer, 1993.
[7] Dan Boneh and Xavier Boyen. Short signatures without random oracles. In EUROCRYPT -
2004, pages 56–73, 2004.
[8] Hongming Cai, Boyi Xu, Lihong Jiang, and Athanasios V. Vasilakos. Iot-based big data storage
systems in cloud computing: Perspectives and challenges. IEEE Internet of Things Journal, 4(1):75–
87, 2017.
[9] Jie Chen, Romain Gay, and Hoeteck Wee. Improved dual system ABE in prime-order groups
via predicate encodings. In Advances in Cryptology - EUROCRYPT 2015, pages 595–624, 2015.
[10] Angelo De Caro and Vincenzo Iovino. jpbc: Java pairing based cryptography. In ISCC 2011,
pages 850–855. IEEE, 2011.
80