Under the Guidance of Mr .RAMESH BABU , M.Tech Asst.Prof ,CSE Dept Presented by: K .Yamuna (10701A05b3) S .Reshma (10701A0564) N .Swarajitha (10701A0593) E .Sanjeev prem kumar (10701A0569) A .Siddartha (11705A0519)
Abstract Existing System Disadvantages. Proposed System Advantages Module System Requirements Design Result Conclusion
Abstract: Security challenges are still among the biggest obstacles when considering the adoption of cloud services. This triggered a lot of research activities, resulting in a quantity of proposals targeting the various cloud security threats. Cloud computing is a subscription-based service where you can obtain network storage space and computing resources.
When considering using a cloud service, the user must be aware of the fact that all data given to the cloud provider leave the own control and protection sphere. Even more, if deploying data-processing applications to the cloud (via IaaS or PaaS), a cloud provider gains full control on these processes.
1.Third party auditors are not control the all security risks. 2. Misuse the cloud services 3. Attackers are going to alter and manipulations of data.
One idea on reducing the risk for data and applications in a public cloud is the simultaneous usage of multiple clouds. Several approaches employing this paradigm have been proposed recently. It provides four distinct models in the form of abstracted multicloud architectures. Achieves the data integrity. Reduce the attacker risks It gives the confidentiality List of the modules: Replication of applications. Partition of application System into tiers. Partition of application logic into fragments. Partition of application data into fragments.
Instead of executing a particular application on one specific cloud, the same operation is executed by distinct clouds. By comparing the obtained results, the cloud user gets evidence on the integrity of the result. Instead of trusting one cloud service provider totally, the cloud user only needs to rely on the assumption that the cloud providers do not collaborate maliciously against herself.
Replication of application system Architecture.
Allows separating the logic from the data gives additional protection against data leakage due to flaws in the application logic. It needs to be noted, that the security services provided by this architecture can only be fully exploited if the execution of the application logic on the data is performed on the cloud users system.
Partition of application system into tiers Architecture.
Allows distributing the application logic to distinct clouds. This has two benefits. o First, no cloud provider learns the complete application logic. o Second, no cloud provider learns the overall calculated result of the application. Thus, this leads to data and application confidentiality.
Partition of application logic into fragments Architecture
Allows distributing fine-grained fragments of the data to distinct clouds. None of the involved cloud providers gains access to all the data, which safeguards the datas confidentiality. HARDWARE REQUIREMENTS:
System : Any Processor above 500 MHz. Hard Disk : 40 GB. Floppy Drive : 1.44 Mb. Monitor : 15 VGA Color. Mouse : Logitech. RAM : 512 MB.
Language : JDK (1.7.0) Frontend : JSP, Servlets Backend : Oracle10g IDE : my eclipse 8.6 Operating System : windows XP Owner Login id Password Update files User Login id Password Download
Owner Logincheck Home Profile UploadFiles UploadFileStatus Queries Security Logout 1 : Logincheck() 2 : if valid() 3 : not valid 4 : ViewProfile() 5 : Uploadfiles() 6 : ViewAllUploadedFiles() 7 : filestatus 8 : ViewQueries() 9 : GiveSolution 10 : ChangePassword() 11 : Logout() 12 : AgainLogin() User Logincheck Home Profile AccessFilefromCloud AccessFiles Queries Security Logout 1 : Logincheck() 2 : if valid() 3 : ViewProfile() 4 : not valid 5 : UpdateProfile 6 : ViewAllUploadedFilesfromserver() 7 : GetKey() 8 : DownloadFiles 9 : filestatus 10 : PostQueries() 11 : ViewSolution 12 : ChangePassword() 13 : Logout() 14 : AgainLogin() Owner Authentication Home Profile Uploadfiles UploadFileStatus ViewAllUpdatedFiles FileStaus Queries ViewQueries GiveSolutions ChangePassword Logout if fails if success User Authentication Home Profile AccessDetails AccesssFileFromCloud GetKey DownloadFile Queries PostQueries ViewSolutions ChangePassword Logout if fails if success owner Home Profile ViewProfile Uploadfiles UploadFileStatus ViewAllUploadedFiles FileStatus ViewQueries GiveSolution ChangePassword Logout <<include>> <<include>> User Home Profile ViewProfile AccessFilesFromCloud GetKey DownloadFiles Queries ViewSolution ChangePassword Logout UpdateProfile PostQuery AccessDetails ViewAllFilesFromServer Unit Testing Integration Testing System Testing Black Box Testing White Box Testing
Test Case Name
Test Case Description Test Steps Step Expected Actual Login Validate Login To verify that Login name on login page must be greater than 1 characters enter login name less than 1 chars (say a) and password and click Submit button an error message Login not less than 1 characters must be displayed enter login name 1 chars (say a) and password and click Submit button Login success full or an error message Invalid Login or Password must be displayed Pwd Validate Password To verify that Password on login page must be greater than 1 characters enter Password less than 1 chars (say nothing) and Login Name and click Submit button an error message Password not less than 1 characters must be displayed Login Page Test Case Pwd02 Validate Password To verify that Password on login page must be allow special characters enter Password with special characters(say !@hi&*P) Login Name and click Submit button Login success full or an error message Invalid Login or Password must be displayed Llnk Verify Hyperlinks To Verify the Hyper Links available at left side on login page working or not Click Sign Up Link Home Page must be displayed Click Sign Up Link Sign Up page must be displayed Click New Users Link New Users Registration Form must be displayed
Test Case Name
Test Case Description Test Steps Step Expected Actual Registration Validate User Name To verify that User name on Registration page must be Declared enter User name click Submit button an error message User Name Must be Declared Validate Password To verify that Password on Registration page must be Declared enter Password click Submit button an error message Password Must be Declared Validate First Name To verify that First Name on Registration page must be Declared enter First Name click Submit button an error message First Name Must be Declared Validate Last Name To verify that Last Name on Registration page must be Declared enter Last Name click Submit button an error message Last Name Must be Declared Registration Page Test Case The use of multiple cloud providers for gaining security and privacy benefits is nontrivial. For instance, using the n clouds approach (and its integrity guarantees) in combination with sound data encryption (and its confidentiality guarantees) may result in approaches that suffice for both technical and regulatory requirements.
[1] P. Mell and T. Grance, The NIST Definition of Cloud Computing, Version 15, Natl Inst. of Standards and Technology, Information Technology Laboratory, vol. 53, p. 50, http://csrc.nist.gov/groups/ SNS/cloud-computing/, 2010. [2] F. Gens, IT Cloud Services User Survey, pt.2: Top Benefits & Challenges, blog, http://blogs.idc.com/ie/?p=210, 2008. [3] Gartner, Gartner Says Cloud Adoption in Europe Will Trail U.S. by at Least Two Years, http://www.gartner.com/it/page. jsp?id=2032215, May 2012. [4] J.-M. Bohli, M. Jensen, N. Gruschka, J. Schwenk, and L.L.L. Iacono, Security Prospects through Cloud Computing by Adopting Multiple Clouds, Proc. IEEE Fourth Intl Conf. Cloud Computing (CLOUD), 2011. [5] D. Hubbard and M. Sutton, Top Threats to Cloud Computing V1.0, Cloud Security Alliance, http://www. cloudsecurityalliance.org/topthreats, 2010. [6] M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, On Technical Security Issues in Cloud Computing, Proc. IEEE Intl Conf. Cloud Computing (CLOUD-II), 2009. [7] T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third- Party Compute