CHAPTER 1

INTRODUCTION

1.1 OVERVIEW OF THE PROJECT

Nowadays, as an emerging and efficient computing model, cloud

computing has attracted widespread attention and support in many fields. In the
cloud computing environment, many services such as resource renting, application
hosting, and service outsourcing show the core concept of an on-demand service in
the IT field. In recent years, many IT tycoons are developing their business cloud
computing system, e.g. Amazon’sEC2Amazon’s S3Google App Engine. Cloud
computing can provide flexible computing capabilities, reduce costs and capital
expenditures and charge according to usage. Although the cloud computing
paradigm brings many benefits, there are many unavoidable security problems
caused by its inherent characteristics such as the dynamic complexity of the cloud
computing environment, the openness of the cloud platform and the high
concentration of resources. One of the important problems is how to ensure the
security of user data. Security problems, such as data security and privacy
protection in cloud computing, have become serious obstacles which, if not
appropriately addressed, will prevent the development and wide application of
cloud computing in the future. In 2009, a few serious security incidents with cloud
service occurred at many IT companies, including Google, Microsoft, and
Amazon. These incidents affected the information services to millions of
consumers. Therefore, it is important that security problems in cloud computing
receives significant attention. In cloud computing, users store their data files in
cloud servers. Thus, it is crucial to prevent unauthorized access to these resources

1
and realize secure resource sharing. In traditional access control methods, we
generally assume data owners and the storage server are in the same secure domain
and the server is fully trusted. However, in the cloud computing environment,
cloud service providers may be attacked by malicious attackers. These attacks may
leak the private information of users for commercial interests as the data owners
commonly store decrypted data in cloud servers. How to realize access control to
the encrypted data and ensure the confidentiality of data files of users in an
untrusted environment are problems that must be solved by cloud computing
technologies and applications. Moreover, since the number of users is large in a
cloud computing environment, how to realize scalable, flexible and fine-grained
access control is strongly desired in the service-oriented cloud computing model.
This paper proposes a hierarchical ciphertext-policy at-tribute-based encryption
(CP-ABE) access control scheme with constant-size ciphertext that can realize
scalable, flexible, and fine-grained access control of outsourced data in cloud
computing. Our contributions are: the proposed scheme adopts CP-ABE with
constant cipher text size and maintains the size of ciphertext and the computation
of bilinear pairing at a constant value, which improves the efficiency of the system
and reduces the extra overhead of space storage, data transmission and
computation. Second, we design a hierarchical access control system. This system
supports inheritance of authorization that reduces the burden and risk in the case of
single authority. Finally, we prove our scheme has indistinguishable security under
an adaptive chosen ciphertext attack and we analyze the performance of our
scheme. We present a simulation model to apply our scheme in a cloud
environment. The rest of this paper is organized as follows.

2
1.2 OBJECTIVE

Cloud Computing is an emerging technology, which relies on sharing

computing resources. Sharing of data in the group is not secure as the cloud
provider cannot be trusted. The fundamental difficulties in distributed computing
of cloud suppliers is Data Security, Sharing, Resource scheduling and Energy
consumption. Key-Aggregate cryptosystem used to secure private/public data in
the cloud. This key is consistent size aggregate for adaptable decisions of
ciphertext in cloud storage. Virtual Machines (VMs) provisioning is effectively
empowered the cloud suppliers to effectively use their accessible resources and get
higher benefits. The most effective method to share information resources among
the individuals from the group in distributed storage is secure, flexible and
efficient. Any data stored in different cloud data centers are corrupted, recovery
using regenerative coding. Security is provided many techniques like Forward
security, backward security, Key-Aggregate cryptosystem, Encryption and Re-
encryption etc. The energy is reduced using Energy-Efficient Virtual Machines
Scheduling in Multi-Tenant Data Centers.

3
 CHAPTER 2

LITERARTURE SURVEY

2.1 Title: A Lattice Model of Secure Information Flow

Authors: D.E. Denning
Description:
This paper investigates mechanisms that guarantee secure information
flow in a computer system. These mechanisms are examined within a
mathematical framework suitable for formulating the requirements of secure
information flow among security classes. The central component of the model is a
lattice structure derived from the security classes and justified by the semantics of
information flow. The lattice properties permit concise formulations of the security
requirements of different existing systems and facilitate the construction of
mechanisms that enforce security. The model provides a unifying view of all
systems that restrict information flow, enables a classification of them according to
security objectives, and suggests some new approaches. It also leads to the
construction of automatic program certification mechanisms for verifying the
secure flow of information through a program.

2.2 Title: On the implementation of security measures information systems,

Authors: R.W. Conway, W.L. Maxwell and H.L. Morgan
Description:
The security of an information system may be represented by a model
matrix whose elements are decision rules and whose row and column indices are
users and data items respectively. A set of four functions is used to access this
matrix at translation and execution time. Distinguishing between data dependent
and data independent decision rules enables one to perform much of the checking

4
of security only once at translation time rather than repeatedly at execution time.
The model is used to explain security features of several existing systems, and
serves as a framework for a proposal for general security system implementation
within today's languages and operating systems.

2.3 Title: Identity-based cryptosystems and signature schemes

Authors: Shamir,
Description:
In this paper we introduce a novel type of cryptographic scheme, which
enables any pair of users to communicate securely and to verify each other’s
signatures without exchanging private or public keys, without keeping key
directories, and without using the services of a third party. The scheme assumes
the existence of trusted key generation centers, whose sole purpose is to give each
user a personalized smart card when he first joins the network. The information
embedded in this card enables the user to sign and encrypt the messages he sends
and to decrypt and verify the messages he receives in a totally independent way,
regardless of the identity of the other party. Previously issued cards do not have
to be updated when new users join the network, and the various centers do not
have to coordinate their activities or even to keep a user list. The centers can be
closed after all the cards are issued, and the network can continue to function in a
completely decentralized way for an indefinite period.

2.4 Title: “Integrity Considerations for Secure Computer Systems

Authors: K.J. Biba,
5
Description:
An integrity policy defines formal access constraints which, if effectively enforced,
protect data from improper modification. The author identifies the integrity
problems posed by a secure military computer utility. Integrity policies addressing
these problems are developed and their effectiveness evaluated. A prototype secure
computer utility, Multiuse, is then used as a testbed for the application of the
developed access controls.

6
 CHAPTER 3

SYSTEM DESIGN

3.1 EXISTING SYSTEM

In the Existing system is in cloud computing, users store their data files in
cloud servers. Thus, it is crucial to prevent unauthorized access to these resources
and realize secure resource sharing. In traditional access control methods, we
generally assume data owners and the storage server are in the same secure domain
and the server is fully trusted. In cloud computing environment, cloud service
providers may be attacked by malicious attackers. These attacks may leak the
private information of users for commercial interests as the data owners commonly
store decrypted data in cloud servers. How to realize access control to the
encrypted data and ensure the confidentiality of data files of users in an untrusted
environment are problems that must be solved by cloud computing technologies
and applications.
DISADVANTAGE

 In the cloud computing environment, cloud service providers may be

attacked by malicious attackers.
 These attacks may leak the private information of users for commercial
interests as the data owners commonly store decrypted data in cloud servers.

3.2 PROPOSED SYSTEM

In the proposed system is Attribute-Based Encryption (ABE) is a

promising scheme suitable for access control in cloud storage systems. This
proposes a hierarchical attribute-based access control scheme with constant-size
ciphertext. The scheme is efficient because the length of ciphertext and the number

7
of bilinear pairing evaluations to a constant are fixed, which improves the
efficiency of the system and reduces the extra overhead of space storage, data
transmission and computation. Second, we design a hierarchical access control
system. This system supports inheritance of authorization that reduces the burden
and risk in the case of single authority. Finally, we prove our scheme has
indistinguishable security under an adaptive chosen ciphertext attack and we
analyze the performance of our scheme.
ADVANTAGE

 Its computation cost in encryption and decryption algorithms is low.

 This system supports inheritance of authorization that reduces the burden
and risk in the case of single authority.
 This scheme has indistinguishable security under an adaptive chosen
ciphertext attack.

3.3 SYSTEM SPECIFICATION

HARDWARE REQUIREMENTS

o Processor : Intel Core i3 Processor

o Speed : 2.5 GHz
o RAM : 2GB (min)
o Hard Disk : 500MB
o Key Board : Standard Windows Keyboard
o Mouse : Two or Three Button Mouse
o Monitor : LCD
8
SOFTWARE REQUIREMENTS

o Operating System : Windows7/10.

o Application Server : Tomcat6.0/7/8.X.
o Front End : Java, HTML,CSS
o Scripts : JavaScript.
o Server side Script : Java Server Pages.
o IDE : Net beans
o Back End : MYSQL 5.0/ Heidi SQL 8.1
o Database Connectivity : JDBC
o Database Connectivity : JDBC

ODBC
Microsoft Open Database Connectivity (ODBC) is a standard programming
interface for application developers and database systems providers. Before ODBC
became a de facto standard for Windows programs to interface with database
systems, programmers had to use proprietary languages for each database they
wanted to connect to. Now, ODBC has made the choice of the database system
almost irrelevant from a coding perspective, which is as it should be. Application
developers have much more important things to worry about than the syntax that is
needed to port their program from one database to another when business needs
suddenly change.
Through the ODBC Administrator in Control Panel, you can specify the
particular database that is associated with a data source that an ODBC application

9
program is written to use. Think of an ODBC data source as a door with a name on
it. Each door will lead you to a particular database. For example, the data source
named Sales Figures might be a MYSQL Server database, whereas the Accounts
Payable data source could refer to an Access database. The physical database
referred to by a data source can reside anywhere on the LAN.
The ODBC system files are not installed on your system by Windows 95.
Rather, they are installed when you setup a separate database application, such as
MYSQL Server Client or Visual Basic 4.0. When the ODBC icon is installed in
Control Panel, it uses a file called ODBCINST.DLL. It is also possible to
administer your ODBC data sources through a stand-alone program called
ODBCADM.EXE. There is a 16-bit and a 32-bit version of this program and each
maintains a separate list of ODBC data Sources.

From a programming perspective, the beauty of ODBC is that the

application can be written to use the same set of function calls to interface with any
data source, regardless of the database vendor. The source code of the application
doesn’t change whether it talks to Oracle or MYSQL Server. We only mention
these two as an example. There are ODBC drivers available for several dozen
popular database systems. Even Excel spreadsheets and plain text files can be
turned into data sources. The operating system uses the Registry information
written by ODBC Administrator to determine which low-level ODBC drivers are
needed to talk to the data source (such as the interface to Oracle or MYSQL
Server). The loading of the ODBC drivers is transparent to the ODBC application
program. In a client/server environment, the ODBC API even handles many of the
network issues for the application programmer.

10
 The advantages of this scheme are so numerous that you are probably
thinking there must be some catch. The only disadvantage of ODBC is that it isn’t
as efficient as talking directly to the native database interface. ODBC has had
many detractors make the charge that it is too slow. Microsoft has always claimed
that the critical factor in performance is the quality of the driver software that is
used. In our humble opinion, this is true. The availability of good ODBC drivers
has improved a great deal recently. And anyway, the criticism about performance
is somewhat analogous to those who said that compilers would never match the
speed of pure assembly language. Maybe not, but the compiler (or ODBC) gives
you the opportunity to write cleaner programs, which means you finish sooner.
Meanwhile, computers get faster every year.

JDBC
In an effort to set an independent database standard API for Java, Sun
Microsystems developed Java Database Connectivity, or JDBC. JDBC offers a
generic MYSQL database access mechanism that provides a consistent interface to
a variety of RDBMS. This consistent interface is achieved through the use of
“plug-in” database connectivity modules, or drivers. If a database vendor wishes to
have JDBC support, he or she must provide the driver for each platform that the
database and Java run on.
To gain a wider acceptance of JDBC, Sun based JDBC’s framework on
ODBC. As you discovered earlier in this chapter, ODBC has widespread support
on a variety of platforms. Basing JDBC on ODBC will allow vendors to bring
JDBC drivers to market much faster than developing a completely new
connectivity solution.

11
 JDBC was announced in March of 1996. It was released for a 90 day public
review that ended June 8, 1996. Because of user input, the final JDBC v1.0
specification was released soon after.
The remainder of this section will cover enough information about JDBC for you
to know what it is about and how to use it effectively. This is by no means a
complete overview of JDBC. That would fill an entire book.

JDBC Goals
Few software packages are designed without goals in mind. JDBC is one
that, because of its many goals, drove the development of the API. These goals, in
conjunction with early reviewer feedback, have finalized the JDBC class library
into a solid framework for building database applications in Java.
The goals that were set for JDBC are important. They will give you some
insight as to why certain classes and functionalities behave the way they do.

The design goals for JDBC are as follows:

1. MYSQL Level API
The designers felt that their main goal was to define a MYSQL
interface for Java. Although not the lowest database interface level possible, it
is at a low enough level for higher-level tools and APIs to be created.
Conversely, it is at a high enough level for application programmers to use it
confidently.

2. MYSQL Conformance
MYSQL syntax varies as you move from database vendor to database
vendor. In an effort to support a wide variety of vendors, JDBC will allow any

12
query statement to be passed through it to the underlying database driver. This
allows the connectivity module to handle non-standard functionality in a
manner that is suitable for its users.

3. JDBC must be implemental on top of common database interfaces

The JDBC MYSQL API must “sit” on top of other common MYSQL
level APIs. This goal allows JDBC to use existing ODBC level drivers by the
use of a software interface. This interface would translate JDBC calls to ODBC
and vice versa.

4. Provide a Java interface that is consistent with the rest of the Java
system
Because of Java’s acceptance in the user community thus far, the designers
feel that they should not stray from the current design of the core Java system.

5. Keep it simple
This goal probably appears in all software design goal listings. JDBC is no
exception. Sun felt that the design of JDBC should be very simple, allowing for
only one method of completing a task per mechanism. Allowing duplicate
functionality only serves to confuse the users of the API.

6. Use strong, static typing wherever possible

Strong typing allows for more error checking to be done at compile time;
also, less error appear at runtime.

7. Keep the common cases simple

Because more often than not, the usual MYSQL calls used by the
programmer are simple SELECT’s, INSERT’s, DELETE’s and UPDATE’s,

13
 these queries should be simple to perform with JDBC. However, more complex
MYSQL statements should also be possible.

3.4 SYSTEM MODEL

Fig no.3.4 System Model

14
3.5 URL DIAGRAMS
3.5.1 DATA FLOW DIAGRAM

15
 Fig no.3.5.1 Data Flow Diagram

3.5.2 ER DIAGRAM

16
 Fig no.3.5.2 ER Diagram

3.5.3 USE CASE DIAGRAM

17
 Register

Login

Domain Manager Admin (TTP)

Domain Creation

View File

Verify and Allocate domain

Data User
Data Owner
Upload File

user Details

owner Details

Send Request

Accept requesst

Download File

Fig no. 3.5.3 Use Case Diagram

3.5.4 CLASS DIAGRAM

18
 Domain Manager Data Owner
+Attribute1: User Name +Attribute1: User Name
+Attribute2: Password +Attribute2: Password
+Operation1(): Domain Creation +Operation1(): Upload File
+Operation2(): View file +Operation2(): Accept Request
+Operation3(): Verify and Allocate Domain

Admin (TTP) Data User

+Attribute1: User Name +Attribute1: User Name

+Attribute2: Password +Attribute2: Password

+Operation1(): View file +Operation1(): View file

+Operation2(): User Details +Operation2(): Send Request
+Operation3(): Owner Details +Operation3(): Download File

Fig no.3.5.4 Class Diagram

3.5.5 SEQUENCE DIAGRAM

19
 Domain Manager Data Owner Database Admin (TTP) Data User

1 : Login()

2 : Domain creation()

3 : View file()

4 : Verify and Allocate domain()

5 : Login()

6 : Upload file()

7 : Login()

8 : Owner details()
9 : User details()

10 : Login()

11 : Send Request()

12 : Accept Request()

13 : Download file()

Fig no.3.5.5 Sequence Diagram

3.5.6 ACTIVITY DIAGRAM

20
 Register

Login

Domain creation

View file

Verify & Allocate file

Upload file

User Details

Owner Details

Send Request

Accept Request

Download file

Fig no.3.5.6 Activity Diagram

CHAPTER 4

21
 MODULES DESCRIPTION

4.1 MODULES

 Root Authority
 Domain Authority
 Cloud Server
 Data Owner
 Data User

4.1.1 Root Authority

The top-level domain authorities and low-level domain

authorities to realize attribute management and authority. The structure can
disperse the burden and risk of the authority of the single central attribute
authority in a cloud computing environment.

4.1.2 Domain Authority

The root authority has the top authority and is responsible for
generating system parameters and authorizing top-level domain authorities.
Each domain authority is responsible for managing domain authorities at the
next level or the data owners/users in its domain. This inherited structure of
attribute authority reduces the computation and disperses the burden and risk of
the authority of the central attribute authority. Each data owner/consumer is
administrated by a domain authority.

4.1.3 Cloud Server

The cloud service provider manages the cloud servers and

provides a data storage service. Data owners encrypt their shared data files and
store them in the cloud.
22
4.1.4 Data Owner

The data owner first encrypts the data file using asymmetric
key DEK and then encrypts DEK by using the proposed scheme with a specific
access control policy. The data owner uploads the final cipher text and stores it
in the cloud servers. Whether a user can access and de-crypt the data file
depends on how to obtain the symmetric key, which is decided by the user’s set
of access attributes.

4.1.5 Data User

Users download a previously encrypted data file from the cloud

and then decrypt the first part of the file CT based on the set of attributes to get
the symmetric key. The access polices are expressed in terms of the set of
attributes. The user obtains the data file by using the symmetric key to decrypt
the cipher text of the data file.

CHAPTER 5

LANGUAGE SPECIFICATIONS

23
5.1 JAVA TECHNOLOGY
Java technology is both a programming language and a platform.

The Java Programming Language

The Java programming language is a high-level language that can be

characterized by all of the following buzzwords:

 Simple
 Architecture neutral
 Object oriented
 Portable
 Distributed
 High performance
 Interpreted
 Multithreaded
 Robust
 Dynamic
 Secure

With most programming languages, you either compile or interpret a

program so that you can run it on your computer. The Java programming language
is unusual in that a program is both compiled and interpreted. With the compiler,
first you translate a program into an intermediate language called Java byte codes
—the platform-independent codes interpreted by the interpreter on the Java

24
platform. The interpreter parses and runs each Java byte code instruction on the
computer. Compilation happens just once; interpretation occurs each time the
program is executed.

The following figure illustrates how this works.

Fig no.5.1 JAVA PROGRAM

You can think of Java bytecodes as the machine code instructions for the Java
Virtual Machine (Java VM). Every Java interpreter, whether it’s a development
tool or a Web browser that can run applets, is an implementation of the Java VM.
Java bytecodes help make “write once, run anywhere” possible. You can compile
your program into bytecodes on any platform that has a Java compiler. The
bytecodes can then be run on any implementation of the Java VM. That means that
as long as a computer has a Java VM, the same program written in the Java
programming language can run on Windows 2000, a Solaris workstation, or on an
iMac.

25
 Fig no.5.1.1 JAVA TECHNOLOGY

5.2 THE JAVA PLATFORM

A platform is the hardware or software environment in which a
program runs. We’ve already mentioned some of the most popular platforms
like Windows 2000, Linux, Solaris, and MacOS. Most platforms can be
described as a combination of the operating system and hardware. The Java
platform differs from most other platforms in that it’s a software-only
platform that runs on top of other hardware-based platforms.

The Java platform has two components:

 The Java Virtual Machine (Java VM)
 The Java Application Programming Interface (Java API)
You’ve already been introduced to the Java VM. It’s the base for the Java
platform and is ported onto various hardware-based platforms.

The Java API is a large collection of ready-made software components

that provide many useful capabilities, such as graphical user interface (GUI)

26
 widgets. The Java API is grouped into libraries of related classes and
interfaces; these libraries are known as packages. The next section, What
Can Java Technology Do ?. Highlights what functionality some of the
packages in the Java API provide.
The following figure depicts a program that’s running on the Java
platform. As the figure shows, the Java API and the virtual machine insulate
the program from the hardware.

Fig no.5.2 JAVA PLATFORM

Native code is code that after you compile it, the compiled code runs
on a specific hardware platform. As a platform-independent environment,
the Java platform can be a bit slower than native code. However, smart
compilers, well-tuned interpreters, and just-in-time bytecode compilers can
bring performance close to that of native code without threatening
portability.

Architectural Benefits

This architecture has a couple of useful features. It not only makes it easy to
manage component life cycles (each component manages the life cycle
notifications for its children), but also to dynamically assemble a running Tomcat

27
server instance that is based on the information that has been read from
configuration files at startup. In particular, the server.xml file is parsed at startup,
and its contents are used to instantiate and configure the defined elements, which
are then assembled into a running Tomcat instance. The server.xml file is read only
once, and edits to it will not be picked up until Tomcat is restarted. This
architecture also eases the configuration burden by allowing child containers to
inherit the configuration of their parent containers. For instance, a Realm defines a
data store that can be used for authentication and authorization of users who are
attempting to access protected resources within a web application. For ease of
configuration, a realm that is defined for an engine applies to all its children hosts
and contexts. At the same time, a particular child, such as a given context, may
override its inherited realm by specifying its own realm to be used in place of its
parent's realm.

Top Level Components

The Server and Service container components exist largely as structural

conveniences. A Server represents the running instance of Tomcat and contains
one or more Service children, each of which represents a collection of request
processing components.

5.3 SERVER

A Server represents the entire Tomcat instance and is a singleton within a

Java Virtual Machine, and is responsible for managing the life cycle of its
contained services. The following image depicts the key aspects of the Server
component. As shown, a Server instance is configured using the server.xml
configuration file. The root element of this file is <Server> and represents the
Tomcat instance. Its default implementation is provided using

28
org.apache.catalina.core.StandardServer, but you can specify your own custom
implementation through the class Name attribute of the <Server> element.

Fig no.5.3 SERVER

A key aspect of the Server is that it opens a server socket on port 8005 (the
default) to listen a shutdown command (by default, this command is the text string
SHUTDOWN). When this shutdown command is received, the server gracefully
shuts itself down. For security reasons, the connection requesting the shutdown
must be initiated from the same machine that is running this instance of Tomcat. A
Server also provides an implementation of the Java Naming and Directory
Interface (JNDI) service, allowing you to register arbitrary objects (such as data
sources) or environment variables, by name. At runtime, individual components
(such as servlets) can retrieve this information by looking up the desired object
name in the server's JNDI bindings. While a JNDI implementation is not integral to
the functioning of a servlet container, it is part of the Java EE specification and is a
service that servlets have a right to expect from their application servers or servlet
containers. Implementing this service makes for easy portability of web

29
applications across containers. While there is always just one server instance
within a JVM, it is entirely possible to have multiple server instances running on a
single physical machine, each encased in its own JVM. Doing so insulates web
applications that are running on one VM from errors in applications that are
running on others, and simplifies maintenance by allowing a JVM to be restarted
independently of the others. This is one of the mechanisms used in a shared hosting
environment (the other is virtual hosting, which we will see shortly) where you
need isolation from other web applications that are running on the same physical
server.

5.4 SERVICE

While the Server represents the Tomcat instance itself, a Service represents
the set of request processing components within Tomcat. A Server can contain
more than one Service, where each service associates a group of Connector
components with a single Engine. Requests from clients are received on a
connector, which in turn funnels them through into the engine, which is the key
request processing component within Tomcat. The image shows connectors for
HTTP, HTTPS, and the Apache JServ Protocol (AJP). There is very little reason to
modify this element, and the default Service instance is usually sufficient.

30
 Fig no.5.4 SERVICE

A hint as to when you might need more than one Service instance can be found in
the above image. As shown, a service aggregates connectors, each of which
monitors a given IP address and port, and responds in a given protocol. An
example use case for having multiple services, therefore, is when you want to
partition your services (and their contained engines, hosts, and web applications)
by IP address and/or port number.

For instance, you might configure your firewall to expose the connectors for
one service to an external audience, while restricting your other service to hosting
intranet applications that are visible only to internal users. This would ensure that
an external user could never access your Intranet application, as that access would
be blocked by the firewall. The Service, therefore, is nothing more than a grouping
construct. It does not currently add any other value to the proceedings.

5.5 CONNECTORS

A Connector is a service endpoint on which a client connects to the Tomcat

container. It serves to insulate the engine from the various communication

31
protocols that are used by clients, such as HTTP, HTTPS, or the Apache JServ
Protocol (AJP). Tomcat can be configured to work in two modes—Standalone or
in Conjunction with a separate web server. In standalone mode,

Fig no.5.5 CONNECTOR

5.6 MYSQL Server

Microsoft MYSQL Server is a relational database management system

developed by Microsoft. As a database, it is a software product whose primary
function is to store and retrieve data as requested by other software applications, be
it those on the same computer or those running on another computer across a
network (including the Internet). There are at least a dozen different editions of
Microsoft MYSQL Server aimed at different audiences and for different workloads
(ranging from small applications that store and retrieve data on the same computer,
to millions of users and computers that access huge amounts of data from the
Internet at the same time). True to its name, Microsoft MYSQL Server's primary
query languages are T-MYSQL and ANSI MYSQL.

5.6.1 MYSQL Server Architecture Diagram

32
 Fig no.5.6.1 MYSQL Server Architecture Diagram

For this purpose, it defined an xml data type that could be used either as a data type
in database columns or as literals in queries.

XML columns can be associated with XSD schemas; XML data being stored
is verified against the schema. XML is converted to an internal binary data type
before being stored in the database. Specialized indexing methods were made
available for XML data. XML data is queried using XQuery; MYSQL Server 2005
added some extensions to the T-MYSQL language to allow embedding XQuery
queries in T-MYSQL. In addition, it also defines a new extension to XQuery,
called XML DML that allows query-based modifications to XML data. MYSQL
Server 2005 also allows a database server to be exposed over web services using
Tabular Data Stream (TDS) packets encapsulated within SOAP (protocol)

33
requests. When the data is accessed over web services, results are returned as
XML.

Common Language Runtime (CLR) integration was introduced with this

version, enabling one to write MYSQL code as Managed Code by the CLR. For
relational data, T-MYSQL has been augmented with error handling features
(try/catch) and support for recursive queries with CTEs (Common Table
Expressions). MYSQL Server 2005 has also been enhanced with new indexing
algorithms, syntax and better error recovery systems. Data pages are check
summed for better error resiliency, and optimistic concurrency support has been
added for better performance. Permissions and access control have been made
more granular and the query processor handles concurrent execution of queries in a
more efficient way. Partitions on tables and indexes are supported natively, so
scaling out a database onto a cluster is easier.

CHAPTER 6

SYSTEM TESTING AND MAINTAINENCE

6.1 SYSTEM TESTING

Testing is vital to the success of the system. System testing makes a logical
assumption that if all parts of the system are correct, the goal will be successfully
achieved. In the testing process we test the actual system in an organization and
gather errors from the new system operates in full efficiency as stated. System
testing is the stage of implementation, which is aimed to ensuring that the system
works accurately and efficiently.

34
 In the testing process we test the actual system in an organization and gather
errors from the new system and take initiatives to correct the same. All the front-
end and back-end connectivity are tested to be sure that the new system operates in
full efficiency as stated. System testing is the stage of implementation, which is
aimed at ensuring that the system works accurately and efficiently.

The main objective of testing is to uncover errors from the system. For the
uncovering process we have to give proper input data to the system. So we should
have more conscious to give input data. It is important to give correct inputs to
efficient testing.

Testing is done for each module. After testing all the modules, the modules are
integrated and testing of the final system is done with the test data, specially
designed to show that the system will operate successfully in all its aspects
conditions. Thus the system testing is a confirmation that all is correct and an
opportunity to show the user that the system works.

This will create two problems, Time delay between the cause and appearance of
the problem. The effect of the system errors on files and records within the
system.The purpose of the system testing is to consider all the likely variations to
which it will be suggested and push the system to its limits

The testing process focuses on logical intervals of the software ensuring that all
the statements have been tested and on the function intervals (i.e.,) conducting tests
to uncover errors and ensure that defined inputs will produce actual results that
agree with the required results. Testing has to be done using the two common steps
Unit testing and Integration testing. In the project system testing is made as
follows:

35
 The procedure level testing is made first. By giving improper inputs, the errors
occurred are noted and eliminated. This is the final step in system life cycle. Here
we implement the tested error-free system into real-life environment and make
necessary changes, which runs in an online fashion. Here system maintenance is
done every months or year based on company policies, and is checked for errors
like runtime errors, long run errors and other maintenances like table verification
and reports.

6.2 FEASIBILITY STUDY

The feasibility of the project is analyzed in this phase and business

proposal is put forth with a very general plan for the project and some cost
estimates. During system analysis the feasibility study of the proposed system is to
be carried out. This is to ensure that the proposed system is not a burden to the
company. For feasibility analysis, some understanding of the major requirements
for the system is essential.

Three key considerations involved in the feasibility analysis are

 ECONOMICAL FEASIBILITY
 TECHNICAL FEASIBILITY
 SOCIAL FEASIBILITY

6.2.1 ECONOMICAL FEASIBILITY

This study is carried out to check the economic impact that the system will
have on the organization. The amount of fund that the company can pour into the
research and development of the system is limited. The expenditures must be

36
justified. Thus the developed system as well within the budget and this was
achieved because most of the technologies used are freely available. Only the
customized products had to be purchased.

6.2.2 TECHNICAL FEASIBILITY

This study is carried out to check the technical feasibility, that is, the
technical requirements of the system. Any system developed must not have a high
demand on the available technical resources. This will lead to high demands on the
available technical resources. This will lead to high demands being placed on the
client. The developed system must have a modest requirement, as only minimal or
null changes are required for implementing this system.

6.2.3 SOCIAL FEASIBILITY

The aspect of study is to check the level of acceptance of the system by the
user. This includes the process of training the user to use the system efficiently.
The user must not feel threatened by the system, instead must accept it as a
necessity. The level of acceptance by the users solely depends on the methods that
are employed to educate the user about the system and to make him familiar with
it. His level of confidence must be raised so that he is also able to make some
constructive criticism, which is welcomed, as he is the final user of the system.

6.3 UNIT TESTING

Unit testing verification efforts on the smallest unit of software design,

module. This is known as “Module Testing”. The modules are tested separately.
This testing is carried out during programming stage itself. In these testing steps,

37
each module is found to be working satisfactorily as regard to the expected output
from the module.

6.3.1 INTEGRATION TESTING

Integration testing is a systematic technique for constructing tests to uncover

error associated within the interface. In the project, all the modules are combined
and then the entire programmer is tested as a whole. In the integration-testing step,
all the error uncovered is corrected for the next testing steps.

CHAPTER 7
CONCLUSION AND FUTURE ENHANCEMENT

7.1 CONCLUSION

Secure sharing of data plays an important role in cloud computing.

Attribute-based access control cans realize data confidentiality in the untrusted
environment of server-end, fine-grained access control and large-scale dynamic

38
authorization which are the difficult problems to solve the traditional access
control. This paper proposes a structure of hierarchical attribute authority based on
cloud computing which reduces the burden and disperses the risk of the single
authority. The proposed scheme adopts CP-ABE with constant-size ciphertext that
solves the problem of the cipher text size depending linearly on the number of
attributes. Our scheme can maintain the size of ciphertext and the computation of
encryption and decryption at a constant value. Therefore, the scheme can improve
the efficiency of the system. We have performed some numerical simulation and
the testing results are coincident with the theoretical analysis. In addition, we prove
the scheme is of CCA2 security under the decision-al q-Bilinear Diffie-Hellman
Exponent assumption. Finally, we also demonstrate an application model in a
Hadoop distributed cloud environment. This shows our scheme has good
adaptability and scalability in cloud computing. In further research, we intend to
focus on making the CP-ABE algorithm simpler and more efficient along with
making it even more suitable for access control in a cloud environment.

7.2 FUTURE ENHANCEMENT

The project has a very vast scope in future. The project can be implemented on
intranet in future. Project can be updated in near future as and when requirement
for the same arises, as it is very flexible in terms of expansion. With the Attribute
Based Data Sharing in Cloud Computing, fully functional the client is now able to
manage and hence run the entire work in a much better, accurate and error free
manner.

APPENDIX-A

39
 SAMPLE CODING

INDEX.HTML:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>CP-ABE</title>
<link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
<!--[if lte IE 7]>
<link rel="stylesheet" href="css/ie.css" type="text/css" charset="utf-
8" />
<![endif]-->
</head>

<body>
<div id="header">
<a style="color: white;font-size: 30px;">ATTRIBUTE-BASED
DATA SHARING IN CLOUD COMPUTING
</a>
<div id="navigation">
<ul>
<li class="first selected"><a
href="index.html">Home</a></li>
<li><a href="User.jsp">User</a></li>
<li><a href="Data_owner.jsp">DataOwner</a></li>
<li><a href="Cloud_server.jsp">CloudServer</a></li>

40
 <li><a
href="Root_authority.jsp">RootAuthority</a></li>
<li><a
href="Domain_authority.jsp">DomainAuthority</a></li>

</ul>
</div>
</div>
<div id="adbox"><br><br>
<center>
<img alt="" src="images/Architecture.jpg" style="width:
700px;height: 268px;">
</center>
<div class="footer">
</div>
</div>
<div id="footer">
<div id="newsletter">
</div
</div>
</body>
</html>
ROOT_USER_HOME.JSP:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Business Solutions</title>

41
 <link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
<!--[if lte IE 7]>
<link rel="stylesheet" href="css/ie.css" type="text/css" charset="utf-
8" />
<![endif]-->
</head>

<body>
<div id="header">
<a style="color: white;font-size: 30px;">ATTRIBUTE-BASED DATA SHARING
IN CLOUD COMPUTING</a>
<div id="navigation">
<ul>
<li><a href="Root_home.jsp">Home</a></li>
<li><a href="Root_domaindetails.jsp">Domain
Details</a></li>
<li><a href="Root_filedetails.jsp">File Details</a></li>
<li class="first selected"><a
href="Root_user_owner.jsp">User&Owner Details</a></li>
<li><a href="logout_page.jsp">Logout</a></li>

</ul>
</div>
</div> <!-- /#header -->
<div id="adbox" style="width: 1360px;"><br><br>
<center>

42
 <font face="TimesNewRoman" style="color: Maroon;font-size:
20px;">View User & Owner Details</font>
<br><br>
<table style="width: 600px;">
<tr>
<th>Category</th>
<th>UserName</th>
<th>Email</th>
<th>Domain</th>
<th>Status</th>
</tr>
<tr style="height: 10px;"></tr>
<%
Connection con=DB.getconnection();
Statement st=null;
Statement st1=null;
st=con.createStatement();
st1=con.createStatement();
ResultSet rs=st.executeQuery("select * from userdetails");
while(rs.next()){
%>
<tr>
<td align="center">User</td>
<td align="center"><%=rs.getString("username") %></td>
<td align="center"><%=rs.getString("email") %></td>
<td align="center"><%=rs.getString("domain") %></td>
<td align="center"><%=rs.getString("status") %></td>
43
 </tr>
<%} %>
<%
ResultSet rs1=st1.executeQuery("select * from ownerdetails");
while(rs1.next()){
%>
<tr>
<td align="center">Owner</td>
<td align="center"><%=rs1.getString("username") %></td>
<td align="center"><%=rs1.getString("email") %></td>
<td align="center"><%=rs1.getString("domain") %></td>
<td align="center"><%=rs1.getString("status") %></td>
</tr>
<%} %>
</table>
</center>
</div> <!-- /#adbox -->
<div id="footer">
<div id="newsletter">
</div>
</body>
</html>

DATA_OWNER_REGISTER:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
44
 <title>DataOwner</title>
<link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
<!--[if lte IE 7]>
<link rel="stylesheet" href="css/ie.css" type="text/css" charset="utf-
8" />
<![endif]-->
</head>

<body>
<div id="header">
<a style="color: white;font-size: 30px;">ATTRIBUTE-BASED DATA SHARING
IN CLOUD COMPUTING</a>
<div id="navigation">
<ul>
<li><a href="index.html">Home</a></li>
<li><a href="User.jsp">User</a></li>
<li class="first selected"><a
href="Data_owner.jsp">DataOwner</a></li>
<li><a href="Cloud_server.jsp">CloudServer</a></li>
<li><a
</ul>
</div>

</div> <!-- /#header -->

<div id="adbox" style="width: 1360px;height: 600px;"><br><br>
<div style="width: 600px;float: left;">

45
 <img alt="" src="images/logo.png" style="width: 600px;height:
268px;">
</div>
<div style="width: 760px;float: right;">
<center><font face="TimesNewRoman" style="color: Maroon;font-size:
20px;"> Data Owner Registration Page</font>
<form action="Dataowner_regcheck.jsp" >
<table>
<tr style="height: 20px;"></tr>
<tr>
<td style="color: black;font-size: 15px;">User Name</td>
<td style="color: black;font-size: 15px;"><input type="text" name="name"
required="" style="background-color: white;color: black;border-radius:
4px;height: 30px;font-size: 20px;width: 180px;"/></td>
</tr>
<tr style="height: 20px;"></tr>
<tr>
<td style="color: black;font-size: 15px;">Password</td>
<td style="color: black;font-size: 15px;"><input type="password"
name="pass" required="" style="background-color: white;color: black;border-
radius: 4px;height: 30px;font-size: 20px;width: 180px;" /></td>
</tr>
<tr style="height: 20px;"></tr>
<tr>
<td style="color: black;font-size: 15px;">Email ID</td>

46
 <td style="color: black;font-size: 15px;"><input type="email"
name="email" required="" style="background-color: white;color: black;border-
radius: 4px;height: 30px;font-size: 20px;width: 180px;"/></td>
</tr>
<tr style="height: 20px;"></tr>
<tr>
<td style="color: black;font-size: 15px;">Mobile NO</td>
<td style="color: black;font-size: 15px;"><input type="text" name="mobile"
<td style="color: black;font-size: 15px;">Country</td>
<td style="color: black;font-size: 15px;"><input type="text"
name="country" required="" style="background-color: white;color: black;border-
radius: 4px;height: 30px;font-size: 20px;width: 180px;" /></td>
</tr>
<tr style="height: 20px;"></tr>
<tr>
<td style="color: black;font-size: 15px;">Select Domain</td>
</div>
</div>
<td style="color: black;font-size: 15px;"><select name="domain"
style="background-color: white;color: black;border-radius: 4px;height: 30px;font-
size: 20px;width: 180px;"><option>------Select------</option>
<%Connection con=DB.getconnection();
Statement st=null;
st=con.createStatement();
ResultSet rs=st.executeQuery("select * from domaindetails");
while(rs.next()){
%>
47
<option><%=rs.getString("username") %></option><%} %> </select> </td>
</tr>
<tr style="height: 20px;"></tr>
</table>
<input type="submit" value="Register" style="border-radius: 45px;width:
125px;height: 38px;color: white;background-color: #c4094f;box-shadow: 0 9px
9px 0 rgba(3,3,3,3.24), 0 9px 9px 0 rgba(3,3,3,3.24);">
</form><br><br><br>
<a href="Data_owner.jsp">Back</a>
</center>
</div>
</div>
<div id="footer">
<div id="newsletter">
</body>
</html>

APPENDIX-B

48
SCREENSHOTS

Front page of the website

Login to the Domain and Authorize it

49
Domain Page

User Interface

50
Here, we have to upload files by clicking choose file

Ciphertext Page

51
Details of the Uploaded files

User Request Details

52
User Interface

File Details

53
Response from File Owner and File Domain

Here, we have to decrypt the file to download

54
 User download page
REFERENCES

1. Amazon Elastic Compute Cloud (Amazon EC2).

http://aws.amazon.com/ec2/
2. Amazon Web Service (AWS). http://s3.amazonaws.com/
3. Google App Engine (GAE). http://code.google.com/appengine/
4. Microsoft Azure. http://www.windowsazure.com
5. R.W. Conway, W.L. MaxWell and H.L. Morgan, “On the im-plementation
of security measures in formation systems,” Communations of the ACM,vol.
15, no.4, pp:211-220, April. 1972.
6. D.E. Denning,”A Lattice Model of Secure Information Flow,”
Communications of the ACM,vol. 19, no. 5, pp:236-243, May. 1976.

55
7. D.E. Bell and L.J. LaPadula, “Secure Computer System: Unified Exposition
and Multics Interpretation,”Technical Report TR-A885320, The MITRE
Corp.,Bedford, MA, Mar. 1976.
8. K.J. Biba,“Integrity Considerations for Secure Computer Sys-tems,”
Technical Report TR-A423930,The MITRE Corp.,Bed-ford, MA, Apr.
1977.
9. R. Sandhu, E.J. Coyne and H.L. Feinstein, “Role-based access control
models,” IEEE Computer,vol. 29, no. 2, pp:38-47, Feb. 1996.
10. A. Shamir, “Identity-based cryptosystems and signature schemes”,
Advances in Cryptology: Conf. of CRYPTO 84, LNCS 196,pp: 47-53, 1984.

56