CHAPTER 1

INTRODUCTION
1.1 GENERAL:
The prevalence of cloud computing may indirectly incur vulnerability to the confidentiality of
outsourced data and the privacy of cloud users. A particular challenge here is on how to guarantee that
only authorized users can gain access to the data, which has been outsourced to cloud, at anywhere and
anytime. One naive solution is to employ encryption technique on the data prior to uploading to cloud.
However, the solution limits further data sharing and processing. This is so because a data owner needs
to download the encrypted data from cloud and further re-encrypt them for sharing (suppose the data
owner has no local copies of the data). A fine-grained access control over encrypted data is desirable in
the context of cloud computing. Ciphertext-Policy Attribute-Based Encryption (CPABE) may be an
effective solution to guarantee the confidentiality of data and provide fine-grained access control here.
In a CP-ABE based cloud storage system, for example, organizations (e.g., a university such as the
University of Texas at San Antonio) and individuals (e.g., students, faculty members and visiting
scholars of the university) can first specify access policy over attributes of a potential cloud user.
Authorized cloud users then are granted access credentials (i.e., decryption keys) corresponding to their
attribute sets (e.g., student role, faculty member role, or visitor role), which can be used to obtain access
to the outsourced data. As a robust one-to-many encryption mechanism, CP-ABE offers a reliable
method to protect data stored in cloud, but also enables fine-grained access control over the data.

1.2. OBJECTIVE
We propose Crypt Cloud+, an accountable authority and revocable CPABE based cloud storage system
with white-box traceability and auditing. To the best of our knowledge, this is the first practical solution
to secure fine-grained access control over encrypted data in cloud. Specifically, in our work, we first
present a CP-ABE based cloud storage framework. Using this (generic) framework, we propose two
accountable authority and revocable CP-ABE systems (with white box traceability and auditing) that are
fully secure in the standard model, referred to as ATER-CP-ABE and ATIR-CPABE, respectively.

1
1.3 EXISTING SYSTEM:
Secure cloud storage, which is an emerging cloud service, is designed to protect the confidentiality of
outsourced data but also to provide flexible data access for cloud users whose data is out of physical
control. The existing CP-ABE based cloud storage systems fail to consider the case where access
credential is misused. For instance, a university deploys a CPABE based cloud storage system to
outsource encrypted student data to cloud under some access policies that are compliant with the
relevant data sharing and privacy legislation.

1.3.1 EXISTING SYSTEM DISADVANTAGES:

 It encrypts identical plaintext blocks to identical ciphertext blocks and cannot encrypt images
that contain large areas of a single colour.
 Low diffusion all information of a plaintext symbol is contained in a single ciphertext symbol.

1.4 Proposed System

One is on the semi-trusted authority side, and the other is on the side of cloud user. To mitigate the
misuse, we propose the first accountable authority and revocable CP-ABE based cloud storage system
with white-box traceability and auditing, referred to as CryptCloud+.

1.4.1 Proposed System Advantages

 AES is more secure (it is less susceptible to cryptanalysis than 3DES).
 AES supports larger key sizes than 3DES's 112 or 168 bits. AES is faster in both hardware and
software.

2
1.5 LITERATURE SURVEY
TITLE : Sedasc: Secure data sharing in clouds
AUTHOR : Mazhar Ali, Revathi Dhamotharan, Eraj Khan, Samee U. Khan
YEAR : 2017

DESCRIPTION
Cloud storage is an application of clouds that liberates organizations from establishing in-house data
storage systems. However, cloud storage gives rise to security concerns. In case of group-shared data,
the data face both cloud-specific and conventional insider threats. Secure data sharing among a group
that counters insider threats of legitimate yet malicious users is an important research issue. In this
paper, we propose the Secure Data Sharing in Clouds (SeDaSC) methodology that provides: 1) data
confidentiality and integrity; 2) access control; 3) data sharing (forwarding) without using compute-
intensive re-encryption; 4) insider threat security; and 5) forward and backward access control.

TITLE : Security in cloud computing: Opportunities and challenges

AUTHOR : Mazhar Ali, Samee U. Khan, and Athanasios V. Vasilakos
YEAR : 2015

DESCRIPTION
The cloud computing exhibits, remarkable potential to provide cost effective, easy to manage, elastic,
and powerful resources on the fly, over the Internet. The cloud computing, upsurges the capabilities of
the hardware resources by optimal and shared utilization. The above mentioned features encourage the
organizations and individual users to shift their applications and services to the cloud. Even the critical
infrastructure, for example, power generation and distribution plants are being migrated to the cloud
computing paradigm. However, the services provided by third-party cloud service providers entail
additional security threats. The migration of user’s assets (data, applications, etc.) outside the
administrative control in a shared environment where numerous users are collocated escalates the
security concerns. This survey details the security issues that arise due to the very nature of cloud
computing.

3
TITLE : Attribute-based encryption supporting direct/indirect revocation modes
AUTHOR : Nuttapong Attrapadung and Hideki Imai.
YEAR : 2009

DESCRIPTION
Attribute-based encryption (ABE) enables an access control mechanism over encrypted data by
specifying access policies among private keys and ciphertexts. In this paper, we focus on ABE that
supports revocation. Currently, there are two available revocable ABE schemes in the literature. Their
revocation mechanisms, however, differ in the sense that they can be considered as direct and indirect
methods. Indirect revocation enforces revocation by the key authority who releases a key update
material periodically in such a way that only non-revoked users can update their keys (hence, revoked
users’ keys are implicitly rendered useless). An advantage of the indirect method over the direct one is
that it does not require senders to know the revocation list. In contrast, an advantage of the direct method
over the other is that it does not involve key update phase for all non-revoked users interacting with the
key authority. In this paper, we present the first Hybrid Revocable ABE scheme that allows senders to
select on-the-fly when encrypting whether to use either direct or indirect revocation

TITLE : Secure schemes for secret sharing and key distribution

AUTHOR : Amos Beimel
YEAR : 1996

DESCRIPTION
A key distribution scheme for dynamic conferences is a method by which initially an trusted server
distributes private individual pieces of in- formation to a set of users. Later each member of any group
of users of given size can compute a common secure group key. In this setting any group of t users can
compute a common key by each user computing using only his private initial piece of information and
the identities of the other t - 1 users in the group. Keys are secure against coalition of to k users, that is,
even if k users pool together their pieces they cannot compute anything about a key of any t-size
conference comprised of other users. In this paper, we introduce an algorithm for such perfectly secure
scheme by using Pell's equation.

4
TITLE : Iot-based big data storage systems in cloud computing.
AUTHOR : Hongming Cai, Boyi Xu, Lihong Jiang, and Athanasios V. Vasilakos.
YEAR : 2017

DESCRIPTION
Internet of Things (IoT) related applications have emerged as an important field for both engineers and
researchers, reflecting the magnitude and impact of data-related problems to be solved in contemporary
business organizations especially in cloud computing. This paper first provides a functional framework
that identifies the acquisition, management, processing and mining areas of IoT big data, and several
associated technical modules are defined and described in terms of their key characteristics and
capabilities. Then current research in IoT application is analyzed, moreover, the challenges and
opportunities associated with IoT big data research are identified. We also report a study of critical IoT
application publications and research topics based on related academic and industry publications.

TITLE : Improved dual system ABE in prime-order groups via predicate encodings
AUTHOR : Jie Chen, Romain Gay, and Hoeteck Wee.
YEAR : 2015

DESCRIPTION
We present a modular framework for the design of efficient adaptively secure attribute-based encryption
(ABE) schemes for a large class of predicates under the standard k -Lin assumption in prime-order
groups; this is the first uniform treatment of dual system ABE across different predicates and across both
composite and prime-order groups. Via this framework, we obtain concrete efficiency improvements for
several ABE schemes. Our framework has three novel components over prior works: (i) new techniques
for simulating composite-order groups in prime-order ones, (ii) a refinement of prior encodings
framework for dual system ABE in composite-order groups, (iii) an extension to weakly attribute-hiding
predicate encryption (which includes anonymous identity-based encryption as a special case).

5
TITLE : jpbc: Java pairing based Cryptography
AUTHOR : Angelo De Caro and Vincenzo Iovino
YEAR : 2011

DESCRIPTION
It has been recently discovered that some cyclic groups that could be used in Cryptography admit a
special bilinear pairing map that introduces extra structure to the group. Bilinear pairing maps were first
used to break cryptosystems (see, for example,) and later it was realized that the extra structure could be
exploited to build cryptosystems with extra properties. Boneh and Franklins identity-based encryption
scheme is the most famous early example of what could be achieved using bilinear maps. After that, a
plethora of cryptosystems have been designed using bilinear maps. No full and freely available
implementation of pairing based cryptography was available until this work. Moreover, neither one of
implements pre-processing that is crucial to reduce the computation time. In this work, we present jPBC
a Java port of the PBC library written in C. jPBC provides a full ecosystem of interfaces and classes to
simplify the use of the bilinear maps even for a non-cryptographer.

TITLE : Athanasios Vasilakos, and Ching-Nung Yang.

AUTHOR : Zhangjie Fu, Fengxiao Huang, Xingming
YEAR : 2016

DESCRIPTION
Currently, searchable encryption is a hot topic in the field of cloud computing. The existing
achievements are mainly focused on keyword-based search schemes, and almost all of them depend on
predefined keywords extracted in the phases of index construction and query. However, keyword-based
search schemes ignore the semantic representation information of users’ retrieval and cannot completely
match users’ search intention. In this paper, for the first time, we define and solve the problems of
semantic search based on conceptual graphs(CGs) over encrypted outsourced data in clouding
computing (SSCG).

6
 CHAPTER 2
PROJECT DESCRIPTION
2.1 GENERAL:
An overview of the approach we use to realize the traceability of malicious cloud users, accountable
authority, auditing and malicious cloud users revocation is briefly introduced below. As previously
discussed, to trace malicious cloud users leaking access credentials, we use a Paillier-like encryption as
an extractable commitment to achieve white-box traceability. Specifically, the extractable commitment
allows us to commit the identity of a user when he/she requests for access credential.
The commitment is regarded as a part of the credential. Due to the hiding and binding technique of
the Paillier-like extractable commitment, a user cannot reveal and further “modify” the identity which is
“encoded” in the credential. The algorithm Trace allows us to use a trapdoor for the commitment to
recover the user’s identity from the corresponding credential.

2.2 METHODOLOGIES
2.2.1 MODULES NAME:
This project having the following six modules:
 User Interface Design
 Data Owners
 Public Cloud Server (Encrypt Data Storage Server & Decrypt )
 Auditor
 User
 Admin

7
2.2.2 USER INTERFACE DESIGN:

Welcom
e Page

Public Cloud
Login server Server

Registrati
on
Page

Fig 2.1: User Interface Design

DESCRIPTION:
In this module we design the windows for the project. These windows are used for secure login for
all users. To connect with server user must give their username and password then only they can able to
connect the server. If the user already exits directly can login into the server else user must register their
details such as username, password and Email id, into the server. Server will create the account for the
entire user to maintain upload and download rate. Name will be set as user id. Logging in is usually used
to enter a specific page.

8
2.2.3 DATA OWNERS

DataOwner1
Data Owner1 Register &
Login

Data Owner2

Data Owner Upload & Public Cloud

Data Owner3
Home Page Encrypt Server
Files

Security Key
Generation & View
Files

View Authorized User

profiles

Fig 2.2: Data Owners

DESCRIPTION:
This is the second module of our project Data Owners (DOs) encrypt their data under the relevant
access policies prior to outsourcing the (encrypted) data to a public cloud (PC). Trough which he can
login. After entering to the home page Data Owner will have options like File Upload, Upload Files
Details, User Profile.

9
2.2.4 PUBLIC CLOUD SERVER:

PC Server

Give Authority Checking Authorized

DO & User, Users
Public Cloud
Encrypted files
Or Unauthorized Users Server

Fig 2.3: Public Cloud Server

DESCRIPTION:
This is the third module of our project which plays a crucial role in the entire project after login in to
this module the Cloud Server will have options like (i) PC stores the outsourced (encrypted) data from
Dos and handles data access requests from data users (DUs) (ii) Data Owner’s where he can see the no
of Data Owner’s in the cloud and he can act.

10
2.2.5 Auditor:

Auditor Login

Sending User Public Cloud

Verifying all requested file Server
users & auditor encryption key
given activation

Traceability of
malicious cloud
users.

Fig 2.4: Auditor

DESCRIPTION:
This is the fourth module of our project no registration for Auditor only for login with help of
Auditor name & password. After login in to Auditor he access all users profiles then Cloud Server given
authority to all users. Semi-trusted authority (AT) generates system parameters and issues access
credentials (i.e., decryption keys) to DUs. Auditor (AU) is trusted by other entities, takes charge of
audit and revoke procedures, and returns the trace and audit results to DOs and DUs.

11
2.2.6 USER (AUTHORIZED USER & UNAUTHORIZED USER)

User Login

User Home Page Verify Authority

Views all Data Owners

Public Cloud Server

If Authorized User View Security

Key Directly Decrypt & Download
Files
After Getting Response
Decrypt & Download Files

If Unauthorized User Send Request

to Auditor

Fig 2.5: User

DESCRIPTION:
This is the fifth module of our project after successful registration is done user will try to access his
account which should be activated by the Auditor i.e., after the activation is done by the Auditor Authority
then only he can login. After entering to the home page user will have options like see the all Data Owners
files i.e., DataOwner1, DataOwner2, DataOwner3 Files. For example this particular user authorized to
Data Owner1. Then he can download with help of security key only for DO1 Files. If required DO2 or
DO3 files then first send one request to particular Auditor. After that if the auditor given permeation and
sending security key. Now user enter security key then download file. Authorized DUs are able to access
(e.g. download and decrypt) the outsourced data.

12
2.2.7 ADMIN

Admin Login

Display All
Admin Page DO Details Cloud Database

Display All
User Details

Display All Request Traceabilit

& Response Details y details

Fig 2.6: Admin

DESCRIPTION:
In this final module of our project after successful admin login attempt admin will be redirected to his
page where he will be finding the three options like UPLOADS, All Data Owner Details, All User
Details, All Request Details, trusted by other entities, takes charge of audit and revoke procedures data.
On clicking on each hyperlink he will be able to see what operations cloud users and Data Owners are
doing in the cloud.

13
2.2.8 GIVEN INPUT EXPECTED OUTPUT:
 User Interface
Input: Enter login name and password.
Output: If valid user means directly open the home page otherwise show the error message and redirect
to the registration page.

 Data Owners
Input: Data Owners name, Password and Server Name
Output: Data Owners Upload files, encrypting files, key generating, view upload files, view user
profiles.

 Public Cloud Server

Input: Cloud Server verifying.
Output: Cloud server checking Data Owner and Authorized or Unauthorized Users, stored data.

 Auditor
Input: Auditor authentication name and Password.
Output: Auditor view all users details then given activation & Trace malicious cloud users.

 User
Input: User register, login, decrypts files, download files and verify.
Output: User tack all permission to auditor action after that verify DO also.

 Admin
Input: Admin login, verify encryption data key and verify data.
Output: On clicking on each hyperlink he will be able to see what operations DO, Traceability Details
& Users are doing in the cloud.

14
2.3 TECHNIQUE USED OR ALGORITHM USED

 AES algorithm.
Cryptographic algorithm that can be used to protect electronic data. It is used for both encrypting and
decrypting the data. In the context of Attribute-Based Encryption (ABE), Sahai and Waters initially
introduce the notion of ABE, which is subsequently formalized Specifically, Goyal et al. define Key-
Policy Attribute-Based Encryption (KP-ABE) and Ciphertext-Policy Attribute-Based Encryption (CP-
ABE). Since then, a range of ABE schemes have been proposed in the literature While these schemes
are designed to achieve better efficiency, expressiveness and security, they do not address traceability
and revocation issues. Li et al. introduce the notion of accountable CP-ABE to prevent unauthorized key
distribution among colluded users. In a later work a user accountable multi-authority CP-ABE system is
proposed. Liu et al. also proposed white-box and black-box traceability 1 CP-ABE systems supporting
policy expressiveness in any monotone access structures. Propose several practical CP-ABE systems
with white-box traceability and black-box traceability. Provide a tracing mechanism of CP-ABE to find
the leaked access credentials in cloud storage system. A number of attribute revocation solutions for CP-
ABE systems have also been proposed in the literature. Define the problem of revocable storage and
provide a fully secure construction for ABE based on ciphertext delegation. Propose a revocable multi-
authority CP-ABE system that achieves both forward and backward security. More recently, Propose an
attribute updating method to achieve the dynamic change on attribute (such as revoking previous
attribute and re-granting previously revoked attribute). However, the aforementioned research works do
not consider the misbehavior of key generation authority, the feasibility of auditing, and the revocation
(of misbehaver). These are the problems that we target to address in this paper.

15
 CHAPTER 3
REQUIREMENTS ENGINEERING
3.1 GENERAL
The PC is honest-but-curious in the sense that it may curiously gather more information about the
outsourced (encrypted) data but will not deviate from the specification (i.e. correctly executing tasks
assigned by DOs). AT is semi trusted in the sense that it may (re-)distribute access credentials to those
who are unauthorized but generate system parameters (to be shared with AU) honestly.

3.2 HARDWARE REQUIREMENTS

The hardware requirements may serve as the basis for a contract for the implementation of the system
and should therefore be a complete and consistent specification of the whole system. They are used by
software engineers as the starting point for the system design. It shoulds what the system do and not how
it should be implemented.

HARDWARE
 PROCESSOR : PENTIUM IV 2.6 GHz, Intel Core 2 Duo.
 RAM : 512 MB DD RAM
 MONITOR : 15” COLOR
 HARD DISK : 40 GB

3.3 SOFTWARE REQUIREMENTS

The software requirements document is the specification of the system. It should include both a
definition and a specification of requirements. It is a set of what the system should do rather than how it
should do it. The software requirements provide a basis for creating the software requirements
specification. It is useful in estimating cost, planning team activities, performing tasks and tracking the
teams and tracking the team’s progress throughout the development activity.

16
SOFTWARE
 FRONT END : J2EE (JSP, SERVLET)
 BACK END : MY SQL 5.5
 OPERATING SYSTEM : WINDOWS 7
 IDE : ECLIPSE

3.4 FUNCTIONAL REQUIREMENTS

A functional requirement defines a function of a software-system or its component. A function is
described as a set of inputs, the behaviour, and outputs. The outsourced computation is data is more
secured. In this paper, we investigate the two main cases of access credential misuse: one is on the semi-
trusted authority side, and the other is on the side of cloud user. To mitigate the misuse, we propose the
first accountable authority and revocable CP-ABE based cloud storage system with white-box
traceability and auditing, referred to as CryptCloud+. We also present the security analysis and further
demonstrate the utility of our system via experiments.

3.5 NON-FUNCTIONAL REQUIREMENTS

EFFICIENCY
1. Traceability of malicious cloud users. Users who leak their access credentials can be traced and
identified.
2. Accountable authority. A semi-trusted authority, who (without proper authorization) generates and
further distributes access credentials to unauthorized user(s), can be identified. This allows further
actions to be undertaken (e.g. criminal investigation or civil litigation for damages and breach of
contract).
3. Auditing. An auditor can determine if a (suspected) cloud user is guilty in leaking his/her access
credential.
4. “Almost” zero storage requirement for tracing. We use a Paillier-like encryption as an extractable
commitment in tracing malicious cloud users and more practically, we do not need to maintain an
identity table of users for tracing.
5. Malicious cloud users revocation. Access credentials for individual traced and further determined to
be “compromised” can be revoked. We design two mechanisms to revoke the “traitor(s)” effectively.

17
6.The ATER-CP-ABE provides an explicitly revocation mechanism where a revocation list is specified
explicitly into the algorithm Encrypt, while the ATIRCP- ABE offers an implicitly revocation where the
encryption does not need to know the revocation list but a key update operation is required periodically.

18
 CHAPTER 4
DESIGN ENGINEERING
4.1 GENERAL
Design Engineering deals with the various UML [Unified Modelling language] diagrams for the
implementation of project. Design is a meaningful engineering representation of a thing that is to be
built. Software design is a process through which the requirements are translated into representation of
the software. Design is the place where quality is rendered in software engineering. Design is the means
to accurately translate customer requirements into finished product.
4.2 USE CASE DIAGRAM

Register

Login

Upload Files

Data Owners
Auditor
Key Generated & Encrypted File

User Tack Permeation From Auditor

Auditor Given Permeation

Users

User view DO files details

Public Cloud

If unauthorized user view security key

directiy decrypt & download file

Admin

If unauthorized user send request to Auditor

Auditor send key to user

User downloading files & decrypted file data

View DO Files Details, User Details

Fig 4.1: Use Case Diagram

DESCRIPTION:
The main purpose of a use case diagram is to show what system functions are performed for which
actor. Roles of the actors in the system can be depicted. The above diagram consists of user as actor.
Each will play a certain role to achieve the concept.

19
4.3 CLASS DIAGRAM:

Fig 4.2: Class Diagram

DESCRIPTION
In this class diagram represents how the classes with attributes and methods are linked together to
perform the verification with security. From the above diagram shown the various classes involved in
our project
20
4.4 OBJECT DIAGRAM

DataOwner : DataOwner Login : Login Register : Register

Uplaod : Upload
Public Cloud : Public Cloud User : User

Encrypt : Encrypt ViewFiles : ViewFiles

Auditor : Auditor

Admin : Admin
Download : Download

Fig 4.3: Object Diagram

DESCRIPTION:
In the above digram tells about the flow of objects between the classes. It is a diagram that shows a
complete or partial view of the structure of a modeled system. In this object diagram represents how the
classes with attributes and methods are linked together to perform the verification with security.

21
4.5 STATE CHART DIAGRAM

Login Register Login

Data Owner Home Login Auditor

Upload file User Home Given Permeation

Encrypted Data Checking Auditor File Key Generation

Admin Login Sending request to auditor

Sending key to

View DO Files View Data

View User Details Enter Security Key

View Req & Res Details Download File

Public Cloud

Fig 4.4: State Chart Diagram

DESCRIPTION:
State diagram are a loosely defined diagram to show workflows of stepwise activities and actions,
with support for choice, iteration and concurrency. State diagrams require that the system described is
composed of a finite number of states; sometimes, this is indeed the case, while at other times this is a
reasonable abstraction. Many forms of state diagrams exist, which differ slightly and have different
semantics.
22
4.6 SEQUENCE DIAGRAM

Data Owner User Auditor Admin Public Cloud

Data Owner Login

Login Succssfully

File Uploading

Encrypting files data then generation file security key

File uploading successfully

User Register

Register Successfully

User Login

Login

Auditor given permetion

User Taken Permeation

User Login Successfully

View All DO Files

Verifying if authorized users or Unauthorized users files

If Authorized User Files

Enter Security key downoad & decrypt files

User sending request to auditor

Sending response security key

Enter security key then verity files

File download & decrypting successfully

Admin Login

Login successfully

View all DO & User information

View details successfully

Fig 4.5: Sequence Diagram

DESCRIPTION:
A sequence diagram in Unified Modeling Language (UML) is a kind of interaction diagram that
shows how processes operate with one another and in what order. It is a construct of a Message
Sequence Chart. A sequence diagram shows object interactions arranged in time sequence. It depicts the
objects and classes involved in the scenario and the sequence of messages exchanged between the
objects needed to carry out the functionality of the scenario.
23
4.7 COLLABORATION DIAGRAM

Auditor

21: File download & decrypting successfully 9: Login

20: Enter security key then verity files 10: Auditor given permetion
19: Sending response security key

18: User sending request to auditor 11: User Taken Permeation

3: File Uploading 15: If Authorized User Files
7: Register Successfully
12: User Login Successfully
1: Data Owner Login 14: Verifying if authorized users or Unauthorized users files
4: Encrypting files data then generation file security key 17:
Data Public User
Owner Cloud
2: Login Succssfully 6: User Register
5: File uploading successfully 8: User Login
13: View All DO Files
16: Enter Security key downoad & decrypt files

23: Login successfully

22: Admin Login 25: View details successfully
24: View all DO & User information

Admin

Fig 4.6: Collaboration Diagram

DESCRIPTION:
A collaboration diagram, also called a communication diagram or interaction diagram, is an
illustration of the relationships and interactions among software objects in the Unified Modeling
Language (UML). The concept is more than a decade old although it has been refined as modeling
paradigms have evolved.

24
4.8 ACTIVITY DIAGRAM

Register & Login

Data Owner Home User Home Admin Home

Upload File Search File

View DO Files

View Data
Encrypted Data
View User Details

Enter Security Key

Key Generation

View Search Details

Download File

Cloud Database

Fig 4.7:Activity Diagram

DESCRIPTION:
Activity diagrams are graphical representations of workflows of stepwise activities and actions with
support for choice, iteration and concurrency. In the Unified Modeling Language, activity diagrams can
be used to describe the business and operational step-by-step workflows of components in a system. An
activity diagram shows the overall flow of control.

25
4.9 COMPONENT DIAGRAM

Data Owner Login Auditor

File Upload Public Cloud Register

Encrypt & Ke View File

y generating
User

Admin
Decrypt &
Download Files

Fig 4.8: Component Diagram

DESCRIPTION:
In the Unified Modeling Language, a component diagram depicts how components are wired together to
form larger components and or software systems. They are used to illustrate the structure of arbitrarily
complex systems. User gives main query and it converted into sub queries and sends through data
dissemination to data aggregators. Results are to be showed to user by data aggregators. All boxes are
components and arrow indicates dependencies.

26
4.10 DATA FLOW DIAGRAM:
Level 0:

Data Owner1 Register &

Login
Data Owner2

Data Owner3 Data Owner Upload & Public Cloud

Home Page Encrypt Files Server

Security Key Generation

& View Files

View Authorized User

profiles

Fig 4.9: Data Flow Diagram For Level 0

Level 1:

Auditor Login

Sending User Public Cloud

Verifying all
requested file Server
users & auditor
encryption key
given activation

Traceability of
malicious cloud users.

Fig 4.10: Data Flow Diagram For Level 1

27
Level 2:

User Login

User Home Page Verify Authority

Views all Data Owners

Public Cloud Server

If Authorized User View Security Key

Directly Decrypt & Download Files

After Getting Response Decrypt &

Download Files

If Unauthorized User Send Request to

Auditor

Fig 4.11: Data Flow Diagram For Level 2

DESCRIPTION:
A data flow diagram (DFD) is a graphical representation of the "flow" of data through an information
system, modeling its process aspects. Often they are a preliminary step used to create an overview of the
system which can later be elaborated. DFDs can also be used for the visualization of data processing
(structured design).
A DFD shows what kinds of data will be input to and output from the system, where the data will
come from and go to, and where the data will be stored. It does not show information about the timing of
processes, or information about whether processes will operate in sequence or in parallel.

28
4.11 E-R DIAGRAM:

Userna Filenam
me e

PC Upload
Data
Server File
Owner

Encryp
Securit
Passwor t
y Key
d

Trust Authorize
Userna Name d
me Addre
ss
Validat Auditor
User Admin
e

Email Password
Passwo Checking Unauthoriz
rd ed

Fig 4.12: E-R Diagram

DESCRIPTION:
Entity-Relationship Model (ERM) is an abstract and conceptual representation of data. Entity-
relationship modeling is a database modeling method, used to produce a type of conceptual schema or
semantic data model of a system, often a relational database.

29
4.12 System Architecture

Fig 4.13: System Architecture

DESCRIPTION:
Our CP-ABE based cloud storage system, with the following key entities: Data owners (DOs) encrypt
their data under the relevant access policies prior to outsourcing the (encrypted) data to a public cloud
(PC). PC stores the outsourced (encrypted) data from Dos and handles data access requests from data
users (DUs). Authorized DUs are able to access (e.g. download and decrypt) the outsourced data. Semi-
trusted authority (AT) generates system parameters and issues access credentials (i.e., decryption keys)
to DUs. Auditor (AU) is trusted by other entities, takes charge of audit and revoke procedures, and
returns the trace and audit results to DOs and DUs.

30
 CHAPTER 5
DEVELOPMENT TOOLS
5.1 GENERAL
This chapter is about the software language and the tools used in the development of the project. The platform
used here is JAVA. The Primary languages are JAVA, J2EE and J2ME. In this project J2EE is chosen for
implementation.

5.2 FEATURES OF JAVA

5.2.1 THE JAVA FRAMEWORK
Java is a programming language originally developed by James Gosling at Microsystems and
released in 1995 as a core component of Sun Microsystems' Java platform. The language derives much
of its syntax from C and C++ but has a simpler object model and fewer low-level facilities. Java
applications are typically compiled to byte code that can run on any Java Virtual Machine (JVM)
regardless of computer architecture. Java is general-purpose, concurrent, class-based, and object-
oriented, and is specifically designed to have as few implementation dependencies as possible. It is
intended to let application developers "write once, run anywhere".
Java is considered by many as one of the most influential programming languages of the 20th
century, and is widely used from application software to web applications the java framework is a new
platform independent that simplifies application development internet. Java technology's versatility,
efficiency, platform portability, and security make it the ideal technology for network computing. From
laptops to datacenters, game consoles to scientific supercomputers, cell phones to the Internet, Java is
everywhere!

5.2.2 OBJECTIVES OF JAVA

To see places of Java in Action in our daily life, explore java.com.

Why Software Developers Choose Java

Java has been tested, refined, extended, and proven by a dedicated community. And numbering more than 6.5
million developers, it's the largest and most active on the planet. With its versatility, efficiency, and portability,
Java has become invaluable to developers by enabling them to:
 Write software on one platform and run it on virtually any other platform
31
 Create programs to run within a Web browser and Web services
 Develop server-side applications for online forums, stores, polls, HTML forms processing, and
more
 Combine applications or services using the Java language to create highly customized
applications or services
 Write powerful and efficient applications for mobile phones, remote processors, low-cost
consumer products, and practically any other device with a digital heartbeat.

Some Ways Software Developers Learn Java

Today, many colleges and universities offer courses in programming for the Java platform. In addition,
developers can also enhance their Java programming skills by reading Sun's java.sun.com Web site,
subscribing to Java technology-focused newsletters, using the Java Tutorial and the New to Java
Programming Center, and signing up for Web, virtual, or instructor-led courses.
Object Oriented
To be an Object Oriented language, any language must follow at least the four characteristics.
1. Inheritance: It is the process of creating the new classes and using the behavior of the existing
classes by extending them just to reuse the existing code and adding addition a features as needed.
2. Encapsulation: It is the mechanism of combining the information and providing the abstraction.
3. Polymorphism: As the name suggest one name multiple form, Polymorphism is the way of providing
the different functionality by the functions having the same name based on the signatures of
the methods.
4. Dynamic binding: Sometimes we don't have the knowledge of objects about their specific types
while writing our code. It is the way of providing the maximum functionality to a program about the
specific type at runtime.

5.2.3 JAVA SWING OVERVIEW

Abstract Window Toolkit (AWT) Is Cross-Platform
Swing provides many controls and widgets to build user interfaces with. Swing class names typically
begin with a J such as JButton, JList, JFrame. This is mainly to differentiate them from their AWT
counterparts and in general is one-to-one replacements. Swing is built on the concept of Lightweight
components vs AWT and SWT's concept of Heavyweight components. The difference between the two
32
is that the Lightweight components are rendered (drawn) using purely Java code, such as drawLine and
drawImage, whereas Heavyweight components use the native operating system to render the
components.
Some components in Swing are actually heavyweight components. The top-level classes and any
derived from them are heavyweight as they extend the AWT versions. This is needed because at the root
of the UI, the parent windows need to be provided by the OS. These top-level classes
include JWindow, JFrame, JDialog and JApplet. All Swing components to be rendered to the screen
must be able to trace their way to a root window of one of those classes.
Note: It generally it is not a good idea to mix heavyweight components with lightweight components
(other than as previously mentioned) as you will encounter layering issues, e.g., a lightweight
component that should appear "on top" ends up being obscured by a heavyweight component. The few
exceptions to this include using heavyweight components as the root pane and for popup windows.
Generally speaking, heavyweight components will render on top of lightweight components and will not
be consistent with the look and feel being used in Swing. There are exceptions, but that is an advanced
topic. The truly adventurous may want to consider reading this article from Sun on mixing heavyweight
and lightweight components.

5.2.4 Evolution of Collection Framework:

Almost all collections in Java are derived from the java.util.Collection interface. Collection defines the
basic parts of all collections. The interface states the add() and remove() methods for adding to and
removing from a collection respectively. Also required is the toArray() method, which converts the
collection into a simple array of all the elements in the collection. Finally, the contains() method checks
if a specified element is in the collection. The Collection interface is a sub interface
of java.util.Iterable, so the iterator() method is also provided. All collections have an iterator that goes
through all of the elements in the collection. Additionally, Collection is a generic. Any collection can be
written to store any class. For example, Collection<String> can hold strings, and the elements from the
collection can be used as strings without any casting required.
There Are Three Main Types Of Collections:
 Lists: always ordered, may contain duplicates and can be handled the same way as usual arrays
 Sets: cannot contain duplicates and provide random access to their elements

33
 Maps: connect unique keys with values, provide random access to its keys and may host
duplicate values

LIST
Lists are implemented in the JCF via the java.util.List interface. It defines a list as essentially a more
flexible version of an array. Elements have a specific order, and duplicate elements are allowed.
Elements can be placed in a specific position. They can also be searched for within the list. Two
concrete classes implement List. The first is java.util.ArrayList, which implements the list as an array.
Whenever functions specific to a list are required, the class moves the elements around within the array
in order to do it. The other implementation is java.util.LinkedList. This class stores the elements in
nodes that each have a pointer to the previous and next nodes in the list. The list can be traversed by
following the pointers, and elements can be added or removed simply by changing the pointers around
to place the node in its proper place.

SET:
Java's java.util.Set interface defines the set. A set can't have any duplicate elements in it.
Additionally, the set has no set order. As such, elements can't be found by index. Set is implemented
by java.util.HashSet,java.util.LinkedHashSet, and java.util.TreeSet. HashSet uses a hash table. More
specifically, it uses a java.util.HashMap to store the hashes and elements and to prevent duplicates.
Java.util.LinkedHashSet extends this by creating a doubly linked list that links all of the elements by
their insertion order. This ensures that the iteration order over the set is
predictable. java.util.TreeSet uses a red-black tree implemented by a java.util.TreeMap. The red-black
tree makes sure that there are no duplicates. Additionally, it allows Tree Set to
implement java.util.SortedSet.
The java.util.Set interface is extended by the java.util.SortedSet interface. Unlike a regular set, the
elements in a sorted set are sorted, either by the element's compareTo() method, or a method provided to
the constructor of the sorted set. The first and last elements of the sorted set can be retrieved, and subsets
can be created via minimum and maximum values, as well as beginning or ending at the beginning or
ending of the sorted set. The SortedSet interface is implemented by java.util.TreeSet.
java.util.SortedSet is extended further via the java.util.NavigableSet interface. It's similar to
SortedSet, but there are a few additional methods. The floor(), ceiling(), lower(), and higher() methods

34
find an element in the set that's close to the parameter. Additionally, a descending iterator over the items
in the set is provided. As with SortedSet, java.util.TreeSet implements NavigableSet.

MAP:
Maps are defined by the java.util.Map interface in Java. Maps are simple data structures that associate a
key with a value. The element is the value. This lets the map be very flexible. If the key is the hash code
of the element, the map is essentially a set. If it's just an increasing number, it becomes a list. Maps are
implemented by java.util.HashMap, java.util.LinkedHashMap, and java.util.TreeMap. HashMap uses a
hash table. The hashes of the keys are used to find the values in various buckets. LinkedHashMap
extends this by creating a doubly linked list between the elements. This allows the elements to be
accessed in the order in which they were inserted into the map. TreeMap, in contrast to HashMap and
LinkedHashMap, uses a red-black tree. The keys are used as the values for the nodes in the tree, and the
nodes point to the values in the map.

THREAD:
Simply put, a thread is a program's path of execution. Most programs written today run as a single
thread, causing problems when multiple events or actions need to occur at the same time. Let's say, for
example, a program is not capable of drawing pictures while reading keystrokes. The program must give
its full attention to the keyboard input lacking the ability to handle more than one event at a time. The
ideal solution to this problem is the seamless execution of two or more sections of a program at the same
time.

CREATING THREADS:
Java's creators have graciously designed two ways of creating threads: implementing an interface and
extending a class. Extending a class is the way Java inherits methods and variables from a parent class.
In this case, one can only extend or inherit from a single parent class. This limitation within Java can be
overcome by implementing interfaces, which is the most common way to create threads. (Note that the
act of inheriting merely allows the class to be run as a thread. It is up to the class to start() execution, etc.)
Interfaces provide a way for programmers to lay the groundwork of a class. They are used to design the
requirements for a set of classes to implement. The interface sets everything up, and the class or classes

35
that implement the interface do all the work. The different set of classes that implement the interface
have to follow the same rules.

5.3 CONCLUSION
Swing's high level of flexibility is reflected in its inherent ability to override the native host operating
system (OS)'s GUI controls for displaying itself. Swing "paints" its controls using the Java 2D APIs,
rather than calling a native user interface toolkit. The Java thread scheduler is very simple. All threads
have a priority value which can be changed dynamically by calls to the threads setPriority() method .
Implementing the above concepts in our project to do the efficient work among the Server.

36
 CHAPTER 6
IMPLEMENTATION
6.1 GENERAL
In the implementation part total project source code implemented. It will be useful for the user to
understand for the source code. It containts about the owner registration, user registration, admin login,
user login, data owner login.
This chapter describes the implementation of our project.

6.2 Source Code:

Index.jap
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Cloud Computing</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<script type="text/javascript" src="js/cufon-yui.js"></script>
<script type="text/javascript" src="js/droid_sans_400-droid_sans_700.font.js"></script>
<script type="text/javascript" src="js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="js/script.js"></script>
<script type="text/javascript" src="js/coin-slider.min.js"></script>
<link rel="stylesheet" href="w3.css">
</head>
<body background="images/bc1.jpg">
<br/><br/><br/><br/><br/><br/>
<div>
<p style="text-align: justify; width: 600px; height: 520px; margin: 0 0 0 0; float: left; padding: 0 20px
20px 20px;"><img src="images/pc.jpg" style="width: 450px; height: 400px;"
alt=""></img></p></div>
<div>&nbsp;&nbsp;&nbsp;</div><div><p style="text-align: justify;">
37
<h1> <a href="index.jsp"><span style="color: white">Home Page</span></a>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</h1><br/>
<h1> <a href="Dataownerlogin.jsp"><span style="color: white">Data
Owner</span></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</h1><br/>
<h1> <a href="login.jsp"><span style="color:
white">User</span></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</h1><br/>
<h1> <a href="Authority.jsp"><span style="color:
white">Auditor</span></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</h1><br/>
<h1> <a href="adminlogin.jsp"><span style="color: white">Admin
Login</span></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</h1></p></div>

</body>
</html>

DataOwnerLogin.java

package com.User;

import java.io.IOException;

import java.io.PrintWriter;

import java.sql.Connection;

import java.sql.ResultSet;

import java.sql.Statement;

import javax.servlet.ServletException;

import javax.servlet.annotation.WebServlet;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;
38
import javax.servlet.http.HttpSession;

import com.Bean.DataOwnerBean;

import com.Connections.Connections;

import com.Implementations.Implementation;

import com.Interfaces.UserInterface;

@WebServlet("/DataOwnerLogin")

public class DataOwnerLogin extends HttpServlet {

private static final long serialVersionUID = 1L;

public DataOwnerLogin() {

super();

// TODO Auto-generated constructor stub

} protected void doPost(HttpServletRequest request, HttpServletResponse response) throws

ServletException, IOException {

// TODO Auto-generated method stub

response.setContentType("text/html;charset=UTF-8");

PrintWriter out = response.getWriter();

String id=request.getParameter("id");

String password=request.getParameter("password");

String server=request.getParameter("server");

System.out.println("UserLogin");

DataOwnerBean bean1=new DataOwnerBean();

39
 bean1.setId(id);

bean1.setPassword(password);

bean1.setServer(server);

UserInterface ui=new Implementation();

String result=ui.dataownerlogin1(bean1);

HttpSession session1=request.getSession();

session1.setAttribute("uid",id);

session1.setAttribute("uname",result);

session1.setAttribute("password",password);

session1.setAttribute("server",server);

String n1="DataOwner1";

String n2="DataOwner2";

String n3="DataOwner3";

HttpSession session=request.getSession();

try

String name=null;

Connection con=Connections.con();

// Connection con= Dbconnection.getConn();

Statement st = con.createStatement();

40
 String sss = "select * from dataowner where id='"+id+"' && password='"+password+"' &&
server='"+server+"' ";

ResultSet rs=st.executeQuery(sss);

if(rs.next())

{ try {

Connection con1=Connections.con();

//Connections con1= Dbconnection.getConn();

Statement st1 = con1.createStatement();

String sss1 = "select * from dataowner where id='"+id+"' && password='"+password+"' &&
server='"+server+"'";

ResultSet rs1=st1.executeQuery(sss1);

while(rs1.next())

name=rs1.getString("name");

session.setAttribute("sname",name);

if(name.equals(n1))

{ response.sendRedirect("adminhome.jsp");

else if(name.equals(n2))

{ response.sendRedirect("DataOwner2Home.jsp");

}
41
 else if(name.equals(n3))

{ response.sendRedirect("DataOwner3Home.jsp");

} }

catch(Exception e2)

out.println(e2.getMessage());

} }

else {

response.sendRedirect("DataOwnerLogin.jsp?message=fail");

} }

catch(Exception e1)

out.println(e1.getMessage());

adminhome.jsp

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"

pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<%
42
HttpSession session1=request.getSession(false);
String name=(String)session.getAttribute("uname");
String uid=(String)session.getAttribute("uid");

HttpSession session2=request.getSession();
session.setAttribute("uid",uid);
session.setAttribute("uname",name);
System.out.println("PAGE id----"+uid);
System.out.println("PAGE NAME adminhome.jsp----"+name);
%>
<head>
<%@ page import="java.util.*" %>
<%@ page import="java.io.*" %>
<%@ page import="java.util.Random" %>

<%@ page import="javax.swing.JOptionPane" %>

<title>Cloud Computing</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<!-- <link href="css/style.css" rel="stylesheet" type="text/css" />
<link rel="stylesheet" type="text/css" href="css/coin-slider.css" /> -->
<script type="text/javascript" src="js/cufon-yui.js"></script>
<script type="text/javascript" src="js/droid_sans_400-droid_sans_700.font.js"></script>
<script type="text/javascript" src="js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="js/script.js"></script>
<script type="text/javascript" src="js/coin-slider.min.js"></script>
</head>
<body background="images/bc1.jpg">
<!-- <img src="images/tc11.png" alt="" /> --><br/><br/><br/><br/><br/><br/><br/><br/>

<center>

43
 <a href="adminhome.jsp"><span style="color: white">Home</span></a>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<a href="file.jsp"><span style="color: white">DataOwner
Files</span></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<a href="UserProfile3.jsp"><span style="color:
white">UserProfiles</span></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<!-- <a href="inboxlogin.jsp">UserRequest</a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -->
<a href="index.jsp"><span style="color:
white">Logout</span></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

</center>
<br/> <br/>
<center><p> <h1><span><font face="TimesNewRoman" color="white" size="6"> Upload Files In
DataOwner1 </font></span></h1> </p>

<form action="UploadFile" method="post" enctype="multipart/form-data">

<table><tr>
<td><font face="TimesNewRoman" color="yellow" size="6">Add
File</font></td>
<td><input type="file" multiple="true" class="text"
name="upload" /></td>
</tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr></br>
<tr>
<td><font face="TimesNewRoman" color="yellow"
size="6">PublicKey</font></td>

44
 <td><input type="text" maxlength="5" value="10000"
readonly="readonly"
class="text" /></td>
</tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr></br>
<tr>
<td><font face="TimesNewRoman" color="yellow"
size="6">Encrypted Key</font></td>
<td><input type="text" maxlength="4" id="key" name="key"
value="<%=(int)(Math.random()*10000)%>" readonly="readonly"
class="text" /></td>

</tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr></br>
<tr>
<td><font face="TimesNewRoman" color="yellow" size="6">Data
Owner Name</font></td>
<td><input type="text" name="keyword" value="<%=name %>"
readonly="readonly"
class="text" /></td>
</tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>

45
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr>
<tr><td></td><td></td><td></td></tr></br>

<tr>
<td><td><input type="submit" value="SUBMIT" /></td></td>
</tr>
</table>
</form>

</center>

</body>
</html>

UploadFile.java

package com.Upload;

import java.io.File;

import java.io.FileInputStream;

import java.io.FileOutputStream;

import java.io.IOException;

import java.io.InputStream;

import java.io.ObjectInputStream;

46
import java.io.ObjectOutputStream;

import java.io.PrintWriter;

import java.util.ArrayList;

import java.util.Date;

import java.util.HashMap;

import java.util.HashSet;

import java.util.Iterator;

import java.util.Map;

import java.util.Random;

import java.util.Set;

import javax.servlet.RequestDispatcher;

import javax.servlet.ServletException;

import javax.servlet.annotation.WebServlet;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import javax.servlet.http.HttpSession;

import com.Bean.Filebean;

import com.Implementations.Implementation;

import com.Interfaces.UserInterface;

import com.oreilly.servlet.MultipartRequest;

47
import com.oreilly.servlet.multipart.FilePart;

import com.oreilly.servlet.multipart.MultipartParser;

import com.oreilly.servlet.multipart.ParamPart;

import com.oreilly.servlet.multipart.Part;

import encryption.Publickey;

import encryption.security;

/**

* Servlet implementation class UploadFile

*/

@WebServlet("/UploadFile")

public class UploadFile extends HttpServlet {

private static final long serialVersionUID = 1L;

private String key;

/**

* @see HttpServlet#HttpServlet()

*/

public UploadFile() {

super();

// TODO Auto-generated constructor stub

48
protected void doGet(HttpServletRequest request,

HttpServletResponse response) throws ServletException, IOException {

// TODO Auto-generated method stub

/**

* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse

* response)

*/

protected void doPost(HttpServletRequest request,

HttpServletResponse response) throws ServletException, IOException {

// .TODO Auto-generated method stub

MultipartParser mp = new MultipartParser(request, 99999999);

Part part = null;

FilePart filePart = null;

ParamPart paramPart = null;

String filename = null;

String type = null;

String path = null;

String key=null;

String username = null;

49
 double fileSize = 0;

String searchkey=request.getParameter("keyword");

HttpSession session=request.getSession();

username=(String) session.getAttribute("username");

ArrayList<String> paramValues = new ArrayList<String>();

String fileToupload = getServletContext().getRealPath("/");

String fileTouploads = getServletContext().getRealPath("/");

System.out.println(fileTouploads+"file to uploads ");

Filebean upload = new Filebean();

System.out.println(fileToupload);

fileToupload = fileToupload.substring(0, fileToupload.indexOf("."))

+ "VTJCC09_2018\\WebContent\\CloudServer\\";

/*String metadatafile=fileTouploads.substring(0,
fileTouploads.indexOf("."))+"Cloud\\WebContent\\CloudDataBase\\metadata\\";*/

/*System.out.println(metadatafile);*/

while ((part = mp.readNextPart()) != null) {

if (part.isFile()) {

filePart = (FilePart) part;

fileToupload = fileToupload + filePart.getFileName();

filename = filePart.getFileName();

/*metadatafile=metadatafile+filename;*/

50
 File uploadedFile = new File(fileToupload);

/*File metaupload=new File(metadatafile); */

System.out.println("filename="+filename);

type = filePart.getContentType();

fileSize = filePart.writeTo(uploadedFile);

FileInputStream fis=new FileInputStream(uploadedFile);

upload.setUploadcontent(fis);

// filePart.writeTo(metaupload);

path = fileToupload;

System.out.println(" fileSize = " + fileSize);

} else if (part.isParam()) {

paramPart = (ParamPart) part;

String tagName = paramPart.getName();

System.out.println("tagName = " + tagName);

String tagValue = paramPart.getStringValue();

System.out.println("tagValue = " + tagValue);

paramValues.add(tagValue);

key=tagValue;

System.out.println("key="+key);

51
System.out.println(paramValues);

int status = 0;

upload.setFilename(filename);

upload.setType(type);

upload.setSize(fileSize + "");

upload.setPath(path);

FileInputStream fis= new FileInputStream(path);

upload.setUploadcontent(fis);

System.out.println("path="+path);

Iterator it=paramValues.iterator();

String arr[] = new String[2];

boolean result;

int num = 0;

while(it.hasNext())

arr[num]=(String) it.next();

// System.out.println(it.next());

num++;

upload.setKey(arr[0]);

upload.setUsername(arr[1]);

52
 System.out.println(upload.getKey()+"=key");

//SqlMethodsInterface I = SqlMethodsImplementation.getImplementation();

UserInterface I=new Implementation();

status = I.fileupload(upload);

System.out.println(status);

System.out.println("status " + status);

String fullpath=getServletContext().getRealPath("/");

int a=fullpath.indexOf('.');

String cutpath=fullpath.substring(0, a);

String filePath=cutpath+"VTJCC09_2018\\WebContent\\CloudDataBase\\metadata\\";

if (status >0)

{ String path1=filePath+key+".txt";

File file=new File(path1);

try{

FileOutputStream out = new

FileOutputStream(cutpath+"VTJCC09_2018\\WebContent\\CloudDataBase\\metadata\\"+filename+".txt");

ObjectOutputStream oout = new ObjectOutputStream(out);

/*PrintWriter printWriter=new PrintWriter(file);*/

security publickey=new security();

UserInterface u=new Implementation();

ArrayList list=u.upload(upload);

53
 Iterator iterator=list.iterator();

while (iterator.hasNext()) {

username=iterator.next().toString();

oout.writeObject("User Name is "+publickey.encrypt(username)+"\n");

filename=iterator.next().toString();

oout.writeObject("File Name is "+publickey.encrypt(filename)+"\n");

type=iterator.next().toString();

oout.writeObject("File Type is "+publickey.encrypt(type)+"\n");

oout.writeObject("File Size is "+publickey.encrypt( iterator.next().toString()+"")+"\n");

path=iterator.next().toString();

oout.writeObject("File Path is "+publickey.encrypt(path+"")+"\n");

key=iterator.next().toString();

oout.writeObject("Token Name is "+publickey.encrypt(key)+"\n");

InputStream i=(InputStream) iterator.next();

oout.writeObject("File Content is "+publickey.encrypt(i.toString())+"\n"); }

/*printWriter.println("User Name is \t"+username);

printWriter.println("File Name is \t"+filename);

printWriter.println("File Type is \t"+type);

printWriter.println("File Size is \t"+fileSize);

printWriter.println("File Path is \t"+path);

printWriter.println("Token Name is \t"+key);

54
 printWriter.close();*/

oout.close();

security.main(null);

catch (Exception ex) {

ex.printStackTrace();

response.sendRedirect("success.jsp");

else{

response.sendRedirect("upload.jsp");

55
 CHAPTER 7
SNAPSHOTS
7.1 GENERAL:
This project is implements like web application using COREJAVA and the Server process is
maintained using the SOCKET & SERVERSOCKET and the Design part is played by Cascading Style
Sheet.
7.2 SNAPSHOTS

Fig 7.1: Back End- Mysql

The software requirements provide a basis for creating the software requirements specification. Here we
are using Mysql 5.5 as a Backend for the process. SQL language is for adding, accessing and managing
content in a database. It is most noted for its quick processing, proven reliability, ease and flexibility of
use.

56
 Fig 7.2: IDE-Eclipse

The above figure Illustrate that we are using Eclipse as a IDE for the process, It is an integrated
development environment (IDE) used in computer programming, and is the most widely used Java IDE.
It contains a base workspace and an extensible plug-in system for customizing the environment.

57
 Fig 7.3: Login/Server-Welcome page

The above figure Illustrates the Login Welcome page where the user can access the other options as in
Home page , Data Owner, User, Auditor and Admin Login.

58
 Fig 7.4: Registration Page

The above figure illustrate the Registration page for the User where in the user can access the different
pages of the cloud starting with Data owner by registering into the server by giving in required details.

59
 Fig 7.5: Data Owner Login Details

The above Figure depicts the Login page of the Data Owner where in the user enters the ID and
password and Log in into the server to be able to upload and the access required files and information.

60
 Fig 7.6: Upload Files in Data Owner 1

The above figure depicts the process of uploading the files in the Data owner 1, the page give an option
of adding the file and also represents the Public key and Encrypted key mentioning the Data Owner
Name.

61
 Fig 7.7: Data Owner Login to check the files

The above figure depicts the data owner login page where the user enters the required data owner details
with password entry after adding the required files into the server.

62
 Fig 7.8: User Registration Page

The above figure illustrates the User registration page where in the user enters all his details including
user ID, name, email ID, contact details and also represent as to in which server the user wishes to
register.

63
 Fig 7.9: User Login

The above figure illustrates the User Login page where in the user checks if they can login into the
server after entering the registration details, this is done by entering the User ID,password and selecting
the required server.

64
 Fig 7.10: Auditor Welcome Page

The above figure depicts the home page of the Auditor and one can view all the registered users.
Auditing is process of collecting and evaluating evidence of an organization's information systems,
practices, and operations.

65
 Fig 7.11: Data Owner 1 File details

The above figure depicts the details of the Data Owner 1 server, representing the file, its size, search
key and a download button.

66
 Fig 7.12: Data Owner 2 File details

Like wise the above figure represents the Data Owner 2 server details representing the file, its size,
search key and a download button.

67
 Fig 7.13: Data Users List

After which the above figure depicts the details of all the data users list who all have accessed the server
mentioning there details which include user ID, name, password and contact details.

68
 Fig 7.14: Admin Login

The above figure depicts the Admin login page where the admin can get into the system to access and
know all the details of the the various Data owners in the server, Login i sdone by mentioning the
Admin name and password.

69
 Fig 7.15: All data Owner Details

The above picture depicts the list of all the Data owners and the no of files uploaded in them along with
their sizes and if required an option to delete them.

70
 CHAPTER 8
SOFTWARE TESTING

8.1 GENERAL
The purpose of testing is to discover errors. Testing is the process of trying to discover every conceivable
fault or weakness in a work product. It provides a way to check the functionality of components, sub
assemblies, assemblies and/or a finished product It is the process of exercising software with the intent of
ensuring that the Software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of test. Each test type addresses a specific testing
requirement.

8.2 DEVELOPING METHODOLOGIES

The test process is initiated by developing a comprehensive plan to test the general functionality and
special features on a variety of platform combinations. Strict quality control procedures are used.The
process verifies that the application meets the requirements specified in the system requirements document
and is bug free. The following are the considerations used to develop the framework from developing the
testing methodologies.

8.3 TYPES OF TESTS

8.3.1 Unit Testing

Unit testing involves the design of test cases that validate that the internal program logic is functioning
properly, and that program input produce valid outputs. All decision branches and internal code flow
should be validated. It is the testing of individual software units of the application .it is done after the
completion of an individual unit before integration. This is a structural testing, that relies on knowledge of
its construction and is invasive. Unit tests perform basic tests at component level and test a specific
business process, application, and/or system configuration. Unit tests ensure that each unique path of a
business process performs accurately to the documented specifications and contains clearly defined inputs
and expected results

71
8.3.2 Functional Test
Functional tests provide systematic demonstrations that functions tested are available as specified by the
business and technical requirements, system documentation, and user manuals.
Functional testing is centered on the following items:
Valid Input : identified classes of valid input must be accepted.
Invalid Input : identified classes of invalid input must be rejected.
Functions : identified functions must be exercised.
Output : identified classes of application outputs must be exercised.
Systems/Procedures : interfacing systems or procedures must be invoked.

8.3.3 System Test

System testing ensures that the entire integrated software system meets requirements. It tests a
configuration to ensure known and predictable results. An example of system testing is the configuration
oriented system integration test. System testing is based on process descriptions and flows, emphasizing
pre-driven process links and integration points.

8.3.4 Performance Test

The Performance test ensures that the output be produced within the time limits,and the time taken by the
system for compiling, giving response to the users and request being send to the system for to retrieve the
results.

8.3.5 Integration Testing

Software integration testing is the incremental integration testing of two or more integrated software
components on a single platform to produce failures caused by interface defects.

The task of the integration test is to check that components or software applications, e.g. components in a
software system or – one step up – software applications at the company level – interact without error.

72
8.3.6 Acceptance Testing
User Acceptance Testing is a critical phase of any project and requires significant participation by the end
user. It also ensures that the system meets the functional requirements.

Acceptance testing for Data Synchronization:

 The Acknowledgements will be received by the Sender Node after the Packets are received by the
Destination Node
 The Route add operation is done only when there is a Route request in need
 The Status of Nodes information is done automatically in the Cache Updation process

8.3.7 Build The Test Plan

Any project can be divided into units that can be further performed for detailed processing. Then a testing
strategy for each of this unit is carried out. Unit testing helps to identity the possible bugs in the individual
component, so the component that has bugs can be identified and can be rectified from errors

8.4 TEST CASES:

8.4.1 LOGIN PAGE ( User Interface Design ) :
A Login in or logging on is the entering of identifier information into a system by a user in order to
access the system. It may be an admin, data owner, user depending upon type of access. A login
generally requires the user to enter pieces of information like username, password, and all the necessary
information.
Test case 1:
Test case: Login Priority(H,L):High
Test Objective: To login the current working homepage
Test Description: The current homepage must be changed to login
Requirement verified: Yes
Test Environment: PC/Java
Test Setup/Pre-Condition: Home page must be working
Action: Expected:
The login page is checked The login page should be directed to the account
Pass: Yes Condition: No Fail: No
Problem/Issue: It reports an error whenever credentials are incorrect
Notes: Successfully executed
73
 8.4.2 USER REGISTRATION:
Upon the selection of user Sign up, the users can register by entering the details like name, password,
email, domain, and subdomain Upon the selection of domain and subdomain, the users can access only
the files related to their domain and subdomain. If the users selects irrelevant domain then they can’t
access the files irrelevant of their domain.
Test case 2:

Test case: User registration Priority(H,L):High

Test Objective: To successfully register in the cloud server

Test Description: The credentials must be valid

Requirement verified: Yes

Test Environment: PC/Java

Test Setup/Pre-Condition: All the credentials must be entered

Action: Expected:

The login details are verified The registration is successful

Pass: Yes Condition: No Fail: No

Problem/Issue: It reports an error whenever credentials are incorrect

Notes: Successfully executed

74
8.4.3 DATA OWNER (SERVER) LOGIN:
Transparent server provides an authentication, which is a process of identifying an individual within a
network who has an account in a directory services [enable manual authentication with in web sense
software]. It contains the username and password credentials of the data owner, who provides data to the
organization.

Test case 3:

Test case: Transparent server login Priority(H,L):High

Test Objective: To successfully register the data owner details

Test Description: The data owner credentials are entered

Requriement verified: Yes

Test Environment: PC/.Java

Test Setup/Pre-Condition: All the credentials must be entered

Action: Expected:

The login details are verified The registration is successful

Pass: Yes Condition: No Fail: No

Problem/Issue: It reports an error whenever credentials are incorrect

Notes: Successfully executed

75
8.4.4 ADDING FILES:
The data owner has the access rights to add the Files and sub files in the server, the files can be
classified to several types and data is organized accordingly. The data owner adds files to classify and
provide access rights to the user.

Test case 4:
Test case: Adding files Priority(H,L):High

Test Objective: To successfully add the file

Test Description: The files are successfully entered

Requriement verified: Yes

Test Environment:PC/Java

Test Setup/Pre-Condition: All the details must be entered

Action: Expected:

The details are verified The files are successfully added

Pass: Yes Condition: No Fail: No

Problem/Issue: It reports an error whenever credentials are incorrect

Notes: Successfully executed

76
8.4.5 FILE ACCESSING:
The specified user can access the file related to their domain can request the data
owner to access the file. Then the data owner acknowledges the request and
provide the access rights accordingly. Then the user receives the response sent by
the data owner and can access the files. The user can change and modify the files
after obtaining the access rights.

Test case 5:
Test case: File accessing Priority(H,L):High

Test Objective: The data owner provides access to the user

Test Description: The data owner sends the responses as an acknowledgement

Requirement verified: Yes

Test Environment: PC/Java

Test Setup/Pre-Condition: All the details must be entered

Action: Expected:

The details are verified The acknowledgement is successfully send

Pass: Yes Condition: No Fail: No

Problem/Issue: It reports an error whenever credentials are incorrect

Notes: Successfully executed

77
 CHAPTER 9
APPLICATION
9.1 GENERAL
We propose the CryptCloud+. The system works as follows. AT first generates the system
parameters to setup the system and shares the entire system parameters (including public and
private parameters) with AU. It then publishes the public parameters. Also, AT generates access
credentials (i.e. decryption keys) for DUs according to their identities and attributes. DOs
encrypt their data under access policies (which are chosen by themselves) and then outsource the
encrypted data to PC. Any authorized DU is able to decrypt the outsourced ciphertexts to access
to the underlying data. A DU is authorized if the set of attribute he/she possesses satisfies the
access policy defined over the outsourced data.

9.2 FUTURE ENHANCEMENT

One of our future works is to consider the black-box traceability and auditing. Furthermore, AU is
assumed to be fully trusted in CryptCloud+. However, in practice, it may not be the case. Is there
any way to reduce trust from AU? Intuitively, one method is to employ multiple AUs. This is
similar to the technique used in threshold schemes. But it will require additional communication
and deployment cost and meanwhile, the problem of collusion among AUs remains. Another
potential approach is to employ secure multi-party computation in the presence of malicious
adversaries. However, the efficiency is also a bottleneck. Designing efficient multi-party
computation and decentralizing trust among AUs (while maintaining the same level of security and
efficiency) is also a part of our future work.

78
 CONCLUSION
In this work, we have addressed the challenge of credential leakage in CP-ABE based cloud
storage system by designing an accountable authority and revocable CryptCloud which supports
white-box traceability and auditing (referred to as CryptCloud+). This is the first CP-ABE based
cloud storage system that simultaneously supports white-box traceability, accountable authority,
auditing and effective revocation. Specifically, CryptCloud+ allows us to trace and revoke
malicious cloud users (leaking credentials). Our approach can be also used in the case where the
users’ credentials are redistributed by the semi-trusted authority. We note that we may need
black-box traceability, which is a stronger notion (compared to white-box traceability), in
CryptCloud.

79
 REFERENCE

[1] Mazhar Ali, Revathi Dhamotharan, Eraj Khan, Samee U. Khan, Athanasios V. Vasilakos, Keqin
Li, and Albert Y. Zomaya. Sedasc: Secure data sharing in clouds. IEEE Systems Journal,
11(2):395–404, 2017.

[2] Mazhar Ali, Samee U. Khan, and Athanasios V. Vasilakos. Security in cloud computing:
Opportunities and challenges. Inf. Sci., 305:357–383, 2015.

[3] Michael Armbrust, Armando Fox, Rean Griffith, Anthony D Joseph, Randy Katz, Andy
Konwinski, Gunho Lee, David Patterson, Ariel Rabkin, Ion Stoica, et al. A view of cloud
computing. Communications of the ACM, 53(4):50–58, 2010.

[4] Nuttapong Attrapadung and Hideki Imai. Attribute-based encryption supporting direct/indirect
revocation modes. In Cryptography and Coding, pages 278–300. Springer, 2009.

[5] Amos Beimel. Secure schemes for secret sharing and key distribution. PhD thesis, PhD thesis,
Israel Institute of Technology, Technion, Haifa, Israel, 1996.

[6] Mihir Bellare and Oded Goldreich. On defining proofs of knowledge. In Advances in
Cryptology-CRYPTO’92, pages 390–420. Springer, 1993.

[7] Dan Boneh and Xavier Boyen. Short signatures without random oracles. In EUROCRYPT -
2004, pages 56–73, 2004.

[8] Hongming Cai, Boyi Xu, Lihong Jiang, and Athanasios V. Vasilakos. Iot-based big data storage
systems in cloud computing: Perspectives and challenges. IEEE Internet of Things Journal, 4(1):75–
87, 2017.

[9] Jie Chen, Romain Gay, and Hoeteck Wee. Improved dual system ABE in prime-order groups
via predicate encodings. In Advances in Cryptology - EUROCRYPT 2015, pages 595–624, 2015.

[10] Angelo De Caro and Vincenzo Iovino. jpbc: Java pairing based cryptography. In ISCC 2011,
pages 850–855. IEEE, 2011.

80