KEY AGGREGATE SEARCHABLE ENCRPTION

KEY AGGREGATE SEARCHABLE ENCRPTION (KASE)
FOR MULTI DATA SHARING VIA CLOUD STORAGE

A DISSERTATION SUBMITTED IN PARTIAL FULFILLMENT OF
THE REQUIREMENTS FOR THE DEGREE OF

MASTER OF TECHNOLOGY

IN

COMPUTER SCIENCE

BY

SYEDA FATIMA
ROLL No. 15H11D0512

UNDER THE GUIDANCE OF

Mr. S MD ISMAIL
ASSOCIATE PROFESSOR, DEPT. OF CSE

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

AL HABEEB COLLEGE OF ENGINEERING AND
TECHNOLOGY

AFFILIATED TO JNTU HYDERABAD

September, 2017

Al-HABEEB COLLEGE OF ENGINEERING & TECHNOLOGY

Approved by AICTE, Affiliated to JNTU Hyderabad
Accredited by NBA, ISO 9001 : 2008 Certified
Chevella, R.R. District – 501503.

Certificate

This is to certify that the Dissertation entitled “KEY AGGREGATE
SEARCHABLE ENCRYPTION (KASE) FOR MULTI DATA SHARING VIA

COULD STORAGE” submitted by Miss SYEDA FATIMA bearing Roll No.
15H11D0512, in partial fulfillment of the requirements for the award of Master of
Technology Degree in COMPUTER SCIENCE during 2016-2017 at the Al -Habeeb
College of Engineering & Technology, Affiliated to Jawaharlal Nehru Technological
University Hyderabad is an authentic work carried out by him under our guidance and
supervision.

The results presented in this dissertation have been verified and are found to be
satisfactory. The results embodied in this dissertation have not been submitted to any
other University for the award of any other degree ordiploma.

ADVISER HODCSE

EXTERNAL EXAMINER

DECLARATION

I hereby assert that the Dissertation entitled “KEY AGGREGATE
SEARCHABLEENCRYPTION(KASE))FOR MULTI DATA SHARING VIA
CLOUD STORAGE” submitted to the JNTU Hyderabad, is a record of an original work
done by me under the guidance of Mr. S MD ISMAIL, Associate Professor and MTech
Coordinator, Department of Computer Science & Engineering, Al Habeeb College of
Engineering & Technology, submitted in the partial fulfillment of the requirements for the
award of Master of Technology degree in Computer Science. The results embodied in this
thesis have not been submitted to any other University or Institute for the award of any
degree ordiploma.

SYEDA FATIMA
ROLL No. 15H11D0512

ACKNOWLEDGEMENTS

I would like to thank the ALMIGHTY, who gave me everything to complete this
task and my PARENTS for all their support during this project work. This Dissertation
would not have been possible without the support and direction of multitude of people.

I am deeply indebted to Mr. S MD ISMAIL, M.Tech Coordinator, Associate
Professor, Dept. of CSE, AHCETfor his valuable suggestions and support. In spite of his
extremely busy schedules in Department, he was always available to share with me his deep
insights, wide knowledge and extensiveexperience.

I sincerely thank Mr. MOHD ANWAR ALI, Head, Dept. of CSE, AHCET
for giving sufficient guidance for completing the project.

I express my whole hearted gratitude to Dr.P.MADAR VALLI, Professor, Dept.
of Mechanical Engineering and Principal, AHCET for providing the conducive
environment for carrying through our academic schedules and project with ease.

I would like to thank my institution and all the faculty members of CSE
department for their help and guidance. They have been great sources of inspiration to
me.

I would like to thank all my friends and especially my classmates for all the
thoughtful and mind stimulating discussions we had, which prompted us to think beyond
the obvious. I have enjoyed their company so much during my stay at AHCET.

SYEDA FATIMA
ROLL No. 15H11D0512

ABSTRACT

The capability of selectively sharing encrypted data with different users via public cloud
storage may greatly ease security concerns over inadvertent data leaks in the cloud. A key challenge to
designing such encryption schemes lies in the efficient management of encryption keys. The desired
flexibility of sharing any group of selected documents with any group of users demands different
encryption keys to be used for different documents. However, this also implies the necessity of
securely distributing to users a large number of keys for both encryption and search, and those users
will have to securely store the received keys, and submit an equally large number of keyword
trapdoors to the cloud in order to perform search over the shared data.
The implied need for secure communication, storage, and complexity clearly renders the
approach impractical. In this paper, we address this practical problem, which is largely neglected in
the literature, by proposing the novel concept of key aggregate searchable encryption (KASE) and
instantiating the concept through a concrete KASE scheme, in which a data owner only needs to
distribute a single key to a user for sharing a large number of documents, and the user only needs to
submit a single trapdoor to the cloud for querying the shared documents. The security analysis and
performance evaluation both confirm that our proposed schemes are provably secure and practically
efficient.

CONTENT
Declaration I
Acknowledgement II
Abstract III
Content IV-V
List of figures VI-VII
CHAPTER 1: INTRODUCTION 1-8
1.1 Introduction 1
CHAPTER 2: ABOUT DOMAIN 9-14
CHAPTER 3: PROBLEM ANALYSIS AND
RELATED WORK 15-23
3.1 Literature Survey 15
3.2 Existing System/Problem 18
3.3 Proposed System/Solution 19
3.4 Methodology 21
3.5 System Requirements 23
CHAPTER 4: SYSTEM DESIGN 24- 33
4.1 Architectural Design 24
4.2 Overall block diagram 25
4.3 Flow graph 25
4.4 UML 27

CHAPTER 5: SYSTEMIMPLEMENTATION 34-49
5.1 System Environment 34
5.1.1JAVA Technology 34
5.2 Screen Shots 37
CHAPTER 6: TESTING 50-54
6.1 SystemTesting 50
6.2 UnitTesting 53
6.3 Integration Testing 53
6.4 Acceptance Testing 54
CHAPTER7: CONCLUSION 55
CHAPTER8: REFERENCES 56-59

LIST OF FIGURES

FIGURE NO. FIGURE NAME PAGE NO.
Fig. 2.1 Cloud Computer 9
Structure
Fig 2.2 Characteristics of 11
Cloud computing
Fig. 2.3 Structure of Admin 12
Model
Fig. 4.1 System Architecture 24
Fig. 4.2 Block Diagram 25
Fig. 4.3 Data Flow Diagram 26
Fig. 4.4 Class Diagram 29
Fig. 4.5 Sequence Diagram 29
Fig. 4.6 Use Case Diagram 30
Fig. 4.7 Activity Diagram for 30
Data Owner
Fig. 4.8 Activity Diagram for 31
Data User
Component Diagram
Fig. 4.9 & Deployment 31&32
Diagram
Fig. 4.10 Collaboration 32
Diagram
Fig. 4.11 State Chart Diagram 33
Fig. 5.1 Interpreter Parses 35
Fig. 5.2 Compilation 36
Fig. 5.3 Program execution 36
block diagram
Fig. 5.4 Home 37
Fig 5.5 Abstract 38
Fig 5.6 Owner Registration 38
Fig. 5.7 Owner Login 39
Fig. 5.8 Owner Home 39
Fig. 5.9 Drop Box for file 40
upload

Fig. 5.10 Insert file in Drop 41
Box
Fig. 5.11 File upload in Cloud 42
Fig. 5.12 File sharing 43
Fig. 5.13 User Detail 43
Fig. 5.14 Master key to User 44
mail
Fig. 5.15 Owner Logout 45
Fig. 5.16 User Registration 45
Fig. 5. 17 User Login 46
Fig. 5.18 User Home page. 46
Fig. 5.19 Mater key in E-mail. 47
Fig. 5.20 Drop API Key 47
Fig. 5.21 Enter API key 48
Fig. 5.22 Downloading of File 48
Fig. 5.23 User logout 49
Fig. 5.24 File sharing in Group 49

CHAPTER–1
INTRODUCTION

CHAPTER – 1

INTRODUCTION

1.1 INTRODUCTION

Information allocation is definitely an obligatory versatility in assigned
stockpile. In this text, we exhibit to carefully, handily, and adaptably receive
instruction including opportunity in shared stockpile. We interpret new release key
cryptosystems whatever launch true magnitude unravel manuals near the tip design
that fact trained moniker of fathom rights to get a pattern of conclude Texts are
imaginable. The phenomenon is that one can amount to any design of puzzle keys
and lead them to as traditional as a singular key, nevertheless incorporating the
strength of each of the keys body amassed. At the top of one’s day, the problem key
purchaser can flow a logical extent amount to key for versatile decisions of unravel
idea erupt dispersed cache, yet any other scrambled documents out of doors the set
detain restricted. This moderate equal key could be profitably consigned to option or
be knocking off inside a cunning ticket amidst particularly unnatural settle
stockpiling. We grant a formal freedom study of our plans within the usual mode.
We you will also paint alternative discharge of our plans. Specifically, our plans
return the first release key patient-controlled encryption for malleable food chain,
whatever was yet planned known.

EXISTING SYSTEM:

Considering instruction insurance, a routine method of warranty it’s miles to
rely upon the hostess to confirm the doorway regulate hind verification, which means
any shocking get advantages heightening feeling discover all instruction. In an
interchanged term assigned computing rule, stuff grows to be a lot more shameful.
Information starting with various customers might be facilitated on outlying in
conduct mechanical devices (VMs) yet dwell upon a lonely bodily mechanical
device. Information in a purpose VM might be robbed by instantiating an alternative

1. INTRODUCTION

Dept. of CSE, AHCET Page 3

VM co-inhabitant with the entire aspiration one. As to of records, you will discover a
evolution of cryptographic plans and that go further as permissive an alien controller
to analyze the convenience of documents in exchange for the report proprietary left
out spilling the rest nearby the report, or out-of-doors intervene the info owner’s
silence. In please habit, distract clients such a lot prefer might not imprison the
forged feeling that fact the muddle flight attendant is creating a mediocre showing
including regards to so far as confidentiality. A cryptographic design, plus
demonstrated confidence, relied on number-theoretic suppositions is further
tempting, at no matter what limit the customer is not superbly matter including
positive the confidence of your VM or the punch of one’s really good body of
workers. These clients are spurred to jostle their instruction using their own keys
ahead of transferring conservatives to the waitress.

DISADVANTAGES OF EXISTING SYSTEM:

Unexpected privilege escalation will expose all it is not efficient. Shared data
will not be secure.

PROPOSED SYSTEM:

The most competitive explanation for duplication dispute is which Alice
encrypts files plus discrete public-keys, but best sends Bob a special (constant-
amount) reading key. Since the interpretation key must be commissioned via a insure
transport and obscure, minor key scope is often useful. For illustration, we won’t
predict large depot for interpretation input the resource-constraint devices prefer
quick phones, resourceful cards or radio sensor nodes. Especially, the particular
surreptitious keys are frequently reserved inside the tamper-proof fantasy, that’s
somewhat pricey. The precommissioned probe efforts in the main center around
minimizing the verbal exchange requirements (comparable to low frequency, rounds

1. INTRODUCTION

Dept. of CSE, AHCET Page 4

of communique) prefer heap identification. However, soft archaic consummated
roughly the key itself.

ADVANTAGES OF PROPOSED SYSTEM:

It is more secure. Decryption key should be sent via a secure channel and
kept secret. It is an efficient public-key encryption scheme which supports flexible
delegation.

Implementation Modules:
1. Searchable encryption
2. Data Group sharing,
3. Data privacy
4. Cloud storage
5. Access control
6. Encrypted database model

1. Searchable encryption:
Generally meaningful, ransack able codeine schemes introduce two
categories, i.e., checkable in proportion inscribe ion (SSE) and people key cipher ion
for watchword hunt for (PEKS). Both SSE and PEKS can title the tuple SE= (Setup,
Encrypt, and Trapdoor Test): Setup (1): here set of rules is administered every
something buyer arrange the scheme. It purports knowledge a preservation
specification 1, and outputs the required keys. Encrypt (k; m): aforementioned set of
rules is administered per head heritor to conceal the info and initiate its
keyworunravel documents. It masquerade observation the info m, proprietor
indispensable keys inclusive of explore able conceal ion key k and knowledge hide

1. INTRODUCTION

Dept. of CSE, AHCET Page 5

ion key, outputs testimony figure lines and watchword unravel documents C m Trod
(k; w): this one set of rules is administered by a shopper initiate a side door Try to
get a watchword w the use of key k. Test (Try, C): the thing indicated set of rules is
administered a pop obscure serf to carry out a magic formula examine overhead
inscribed memorandums. It grandstand evidence back entrance Try and the abraxas
resolve syllabus C m., outputs in case C contains the speci?ed opener. The obstacle
of probing on proof which is concealed the use of a popular key strategy. Consider
enjoyer Bob who posts web to buyer Alice enciphered below Alice’s national key. A
communications torn desires to check if the information superhighway contains the
password “urgent” so in that it can road the online community equally. Alice, then
again doesn’t desire to lead the entry the flexibility to solve all her messages. We
spell out and frame a technique that allows Alice to prepare a key to the portal that
permits the arch to standard if regulation “urgent” is actually a key inside the WWW
buyout training the rest concerning the online correspondence. We talk to
aforementioned operation as Public Key Encryption among key Search. As an
alternate quotation, think about a post retainer such stores quite number messages
communally coded for Alice by sub. Using our system Alice can shoot the junk mail
retainer a key in that will endow the hireling to discover all messages containing a
part exact password, but be told not anything in addition. We prescribe the idea of
society key codeine by secret sign investigate and do several formions.

Access control:

Access keeps an eye on a way of limiting get admission to a theory or to
somatic or virtual riches. In computing, get admission to keep watch over is a
process by whatever customers are granted get admission to and certain privileges to
strategies, stuff or information .In get right of entry to keep watch over practices,
customers must present recommendation before they can come in for get entry to. In
materialistic organizations, the above-mentioned token may are available in several
forms, but diploma that cannot be transmitted give you the so much precaution. The

1. INTRODUCTION

Dept. of CSE, AHCET Page 6

executive of recognition to orderliness and organization income. It grants
authenticated purchasers get admission to limited kitty in response to get entry to
policies and the admission address assigned to the end user or end user arrange.
Access regulate usually includes verification, whatever proves the similitude of one’s
buyer or ward mechanical device trying to get entry to the files. The Mute DB
varieties and schemes for bringing together encryption and key guidance to enhance
testimony silence and withdrawal in blur conclusions bases. After the delivery of
one’s configurations associated with get right of entry to keep an eye on in ASCII and
encrypted knowledgebase, we characterize how Mute DB transforms an get
admission to regulate source for the ASCII style to a form righteous for the
encrypted conclusions base, and the way it generates shopper documentation. Let R
be the set of wealth such mirror dull text tenant testimony, S the set of unencrypted
text evidence base structures, E the set of encrypted tenant evidence, U the set of
shoppers, and K the set of encryption keys. We define A as the get right of entry to
keep an eye on cast where, for each enjoyer u P U and for each structure s P S,
skillful exists a binate sanction reign as a well-known defines even if a get admission
to s by u is denied or allowed.

Encrypted database model:

Database encryption is definitely the means of converting goods, in a proof
servile, in vanilla text form toward trifling figure theme per capita technique of an
appropriate set of rules. Data foul illumination is converting the absurd solve
quotation toward the unique information on the use of keys occasion per capita
encryption algorithms. Data encryption is provided at the stay address. Encryption of
reports servile is expensive and calls for over and above space for storing than the
unique statistics. The steps in encrypting a input servile are: Determine the
incitement of one’s commitment for encryption, Determine what picture obligations
expected encrypted, Determine whatever set of rules most competitive fit the
encryption same old, Determine how the keys would be regulated. Numerous set of

1. INTRODUCTION

Dept. of CSE, AHCET Page 7

rules are worn for encryption. These set of rules reproduce keys associated with the
encrypted knowledge. These keys set a hookup centrally located the encryption and
decoding procedures. The encrypted proof may be decrypted simplest by the use of
these keys.
Encrypted materials encrypted cools hoarded inside
a1234b3161b4fbfdfb96dd576b65bbea dossier corrupt waiter. For every single
unencrypted text hang, the Mute DB DBA purchaser inaugurates the similar
encrypted hold off and also an unparalleled encryption key. The dub of your
encrypted move is sum by encrypting declare of one’s clear text submit as a result
who key. The encryption set of rules pre-owned for encrypting the put off declares
can be a usual AES set of rules within a deterministic status (e.g., CBC for eternal
initialization line). In one of this way, most effective the users that fact feel the clear
text put on back burner identify and the similar encryption key may be able to tote
the sight of your encrypted put forward. The deterministic strategy is hottest because
it lets in an accord mid decoded and encrypted put on holds and improves the energy
of one’s examine transliteration process.

Data Group sharing,

Server can use that amount back way and a few overt intelligence to carry out
key scout and go back the end result to Bob. Therefore, in KASE, the commissioning
of watchword explore business could be achieved by dividing the one mix key. We
notice this embassy of decoding overhauls may be achieved using the key-mix
encryption approach recently proposed in 4, but it remains an open problem to
delegate the paternoster ransack business together with the explication freedoms,
which is the subject topic of that paper. To summarize, the problem of constructing a
KASE

Cloud Data privacy

1. INTRODUCTION

Dept. of CSE, AHCET Page 8

Cloud Data isolation subject matters are one of the key concerns for
corporations salute the mist. In so many countries and in so many industries,
experiments retirement regulations study on every occasion individually ascribable
tip (PII) is possessed and reserved. When here clue is living within the shower, it
presents a completely unique try owing to overshadow computing belongings
proliferate, enable demanding to realize situation proof is found and who has get
entry to at any accustomed hour. In accessory to the smog statistics retirement laws
embody less than, quite a few enterprises ought to on top of reflect series

Cloud storage

Cloud repertory can be aware of knowledge magazine locus the laptop proof
is gathered in necessary pools, the fleshly commissary spans more than one help (and
frequently locations), and the bodily encompassment is usually kept and primed by a
website hosting company

CHAPTER –2
ABOUT DOMAIN

CHAPTER – 2
ABOUT DOMAIN

What is cloud computing?
Cloud computing may be the application of registering wealth (habiliments and
programming) which are conveyed as an bureau bygone a artifice (regularly the
Internet). The term originates in the whole operation of a cloud-molded drawing as a
mirrored image for the touch and go frame it contains in schema outlines. Distributed
computing endows remote managements having a client’s ammo,
Fig 2.1: Cloud Computer Structure

Programming belongings contrived reachable connected as oversaw floater
administrations. These administrations normally make to leading edge programming
applications and tough systems of retainer PCs.

2. ABOUT DOMAIN

Dept. of CSE, AHCET Page 10
How Cloud Computing Works?

The objective of allotted computing is to apply customary supercomputing, or
superior registering power, regularly utilized by military and research offices, to
perform many trillions of calculations for every second, in purchaser situated
applications, for example, money related portfolios, to convey customized data, to
give information stockpiling or to influence substantial, immersive PC recreations.
The appropriated computing utilizes systems of expansive gatherings of servers
normally running minimal effort shopper PC innovation with particular associations
with spread information preparing errands crosswise over them. This mutual IT
foundation contains extensive pools of frameworks that are connected together.
Regularly, virtualization methods are utilized to expand the vitality of budgeted
computing.

Attributes and Services Models:

The remarkable qualities of distributed computing in light of the
definitions gave by the National Institute of Standards and
Terminology (NIST) is laid out beneath:
• On-request self-benefit: A customer can singularly
arrangement processing abilities, for example, server time and system
stockpiling, as required naturally without requiring human connection
with each specialist organizations.
• Broad arrange get to: Capabilities are accessible over the system and got to
through standard components that advance use by heterogeneous thin or thick
customer stages (e.g., cell phones, portable workstations, and PDAs).
• Resource pooling: The supplier’s registering assets are pooled to serve
numerous customers utilizing a multi-occupant demonstrate, with various physical
and virtual assets progressively relegated and reassigned by shopper request. There
is a feeling of area freedom in that the client for the most part has no control or

2. ABOUT DOMAIN

Dept. of CSE, AHCET Page 11
learning over the correct area of the gave assets yet might have the capacity to
determine area at a more elevated amount of reflection (e.g., nation, state, or server
farm). Cases of assets incorporate capacity, handling, memory, arrange transfer
speed, and virtual machines.
• Rapid flexibility: Capabilities can be quickly and flexibly provisioned, now
and again consequently, to rapidly scale out and quickly discharged to rapidly scale
in. To the customer, the capacities accessible for provisioning regularly give off an
impression of being boundless and can be obtained in any amount whenever.
• Measured benefit: Cloud frameworks consequently control and improve
asset use by utilizing a metering capacity at some level of deliberation proper to the
kind of administration (e.g., capacity, preparing, transmission capacity, and
dynamic client accounts). Asset utilization can be overseen, controlled, and
announced giving straightforwardness to both the supplier and customer of the used
administration.

Fig. 2.2 Characteristics of Cloud computing

2. ABOUT DOMAIN

Dept. of CSE, AHCET Page 12
Administrations Models:
Distributed computing includes three distinctive administration models, to be
specific Infrastructure-as-a-Service (Iaas), Platform-as-a-Service (PaaS), and
Software-as-a-Service (SaaS). The three administration models or layer are finished
by an end client layer that typifies the end client point of view on cloud
administrations. The model is appeared in figure beneath. On the off chance that a
cloud client gets to administrations on the framework layer, for example, she can run
Fig. 2.3.: Structure of Admin Model

Advantages of distributed computing:
? Achieve economies of scale – increment volume yield or
profitability with fewer individuals. Your cost per unit, venture or
item dives.
2. Reduce spending on innovation foundation. Keep up simple
access to your data with insignificant forthright spending. Pay as you
go (week by week, quarterly or yearly), in view of interest.

2. ABOUT DOMAIN

Dept. of CSE, AHCET Page 13
3. Globalize your workforce at little to no cost. Individuals
worldwide can get to the cloud, if they have an Internet association.
4. Streamline procedures. Accomplish more work in less time with
fewer individuals.
5. Reduce capital expenses. There’s no compelling reason to spend
enormous cash on equipment, programming or authorizing charges.
6. Improve openness. You approach whenever, anyplace, making
your life so considerably simpler!
7. Monitor ventures all the more successfully. Remain inside
spending plan and in front of fulfilment process durations.
8. Less work force preparing is required. It takes fewer individuals
to accomplish more work on a cloud, with a negligible expectation to
absorb information on equipment and programming issues.
9. Minimize permitting new programming. Extend and develop
without the need to purchase costly programming licenses or projects.
10. Improve adaptability. You can alter course without genuine
“individuals” or “budgetary” issues in question.

Favorable circumstances:
1. Price: Pay for just the assets utilized.
2. Security: Cloud occurrences are secluded in the system from
different occasions for enhanced security.
3. Performance: Instances can be included right away for
enhanced execution. Customers approach the aggregate assets of the
Cloud’s center equipment.
4. Scalability: Auto-send cloud occurrences when required.
5. Uptime: Uses various servers for most extreme redundancies. In
the event of server disappointment, cases can be consequently made
on another server.

2. ABOUT DOMAIN

Dept. of CSE, AHCET Page 14
6. Control: Able to login from any area. Server preview and a
product library give you a chance to send custom occurrences.
7. Traffic: Deals with spike in movement with snappy
organization of extra cases to deal with the heap.

1
3

CHAPTER – 3
PROBLEM ANALYSIS
AND RELATED WORK

CHAPTER – 3
PROBLEM ANALYSIS AND RELATED WORK
3.1 Literature Survey

1. Achieving Secure, Scalable, and Fine-Grained Data Access
Control in Cloud Computing

Distributed computing may be a developing registering worldview within which
assets of the computation framework are given as administrations over the web. As
promising because it could also be, this worldview in addition delivers various new
difficulties for data security and access management once purchasers source delicate
data for sharing on cloud servers, that aren’t within associate indistinguishable place
stock in house from data proprietors. To stay touchy shopper data non-public against
untrusted servers, existing arrangements usually apply cryptologic techniques by
unveiling data unscrambling keys simply to approved purchasers. Be that because it
could, in doing intrinsically, these arrangements ineluctably gift an amazing
calculation overhead on {the data the knowledge the data} man of affairs for key
circulation and knowledge administration once fine-grained information get to
regulate is needed, and afterwards do not scale well.

The issues whereas accomplishing fine-graininess, ability, and knowledge secrecy
of access management truly still stay unsure. This paper tends to the present testing
open issue by, on one hand, characterizing and upholding access arrangements seeable
of data characteristics, and, then again, enabling {the data the knowledge the data}
man of affairs to designate the bulk of the calculation undertakings engaged with fine-
grained data get to regulate to untrusted cloud servers while not uncovering the
essential information substance. We have a tendency to accomplish this objective by
misusing and terribly connection strategies of attribute based mostly coding (ABE),
treated re-encryption, and apathetic re-encryption. Our projected plot in addition has

3. PROBLEM ANALYSIS AND RELATED WORK

Dept. of CSE, AHCET Page
outstanding properties of shopper get to profit privacy and shopper mystery key
responsibility. Broad examination demonstrates that our projected plot is exceptionally
effective and demonstrably secures below existing security models…

1) Secure Provenance: The Essential of Bread and Butter of Data
Forensics in Cloud Computing

Secure root that records proprietary and method history of data objects is
indispensable to the accomplishment of data sociology in distributed computing;
nevertheless it’s so far a testing issue nowadays. During this paper, to handle this
undiscovered point distributed computing, we tend to projected another safe root
conspire in light-weight of the additive mixing methods. because the basic bread and
margarine of data crime scene investigation and post examination in distributed
computing, the projected conspire is delineate by giving the info privacy on delicate
records place away in cloud, mysterious verification on consumer access, and root
following on debated archives. With the demonstrable security methods, we tend to
formally exhibit the projected plot is secure within the standard model.

2) Mona: secure multiword information sharing for dynamic
gatherings in the cloud

With the character of low support, distributed computing provides a sparing
and productive declare sharing gathering plus among cloud purchasers. Sadly, sharing
data in {an exceedingly in a very} multi-proprietor manner whereas saving data and
character security from an untrusted cloud is tile now a testing issue, thanks to the
continual distinction within the enrollment. In this paper, we have a tendency to
propose a secure multi-proprietor data sharing set up, named Mona, for dynamic
gatherings within the cloud. By utilizing bunch signature and dynamic communicate
secret writing procedures; any cloud consumer will on the Q.T. impart data to others.
Then, the capability overhead and secret writing calculation value of our set up area
unit free with the number of denied purchasers. Moreover, we have a tendency to

3. PROBLEM ANALYSIS AND RELATED WORK

Dept. of CSE, AHCET Page
break down the protection of our set up with thorough verifications, and show the
proficiency of our set up in tests.

3) Key-Aggregate Cryptosystem for Scalable Data Sharing in
Cloud Storage

Information sharing may be an important quality in distributed storage. During
this paper, we tend to demonstrate to securely, effectively, and adaptably share data
with others in distributed storage. We tend to portray new open key cryptosystems that
deliver consistent size cipher texts with the tip goal that productive assignment of
secret writing rights for any arrangement of cipher texts are conceivable. The oddity is
that one will total any arrangement of mystery keys and build them as reduced as a
solitary key, nevertheless close the energy of all the keys being collected. At the tip of
the day, the mystery key holder will discharge a gradual size total key for all-mains
choices of cipher text set in distributed storage, nevertheless the opposite encoded
records outside the set keep personal. This reduced total key may be helpfully sent to
others or be place away during a good card with very restricted secure reposting. We
tend to offer formal security investigation of our plans within the commonplace
model. We tend to boot portray different utilization of our plans. Specifically, our
plans offer the most open key patient- controlled coding for all-mains progressive
system that was nevertheless to be best-known

4) Practical procedures for seeks on scrambled information

It is tempting to store data on data storage servers, for instance, mail servers
and document servers in disorganized frame to diminish security and protection
dangers. In any case, this usually suggests one has to surrender quality for security. as
an example, if a client needs to recover simply reports containing bound words, it had

3. PROBLEM ANALYSIS AND RELATED WORK

Dept. of CSE, AHCET Page
been not beforehand renowned the way to let the knowledge storage server play out
the hunt and answer the inquiry, while not loss of information privacy.

We portray our cryptographically plans for the difficulty of betting on encoded
data and provides evidence of security to the following crypto frameworks. Our
strategies have numerous essential focal points. they’re incontrovertibly secure: they
provide obvious mystery to secret writing, as within the untrusted server cannot obtain
something concerning the plaintext once simply given the cipher text; they provide
question confinement to seeks, implying that the untrusted server cannot master
abundant else concerning the plaintext than the output; they provide controlled
wanting, so the untrusted server cannot scan for a subjective word while not the
client’s approval; they likewise bolster shrouded inquiries, therefore the consumer
might approach the untrusted server to scan for a mystery word while not uncovering
the word to the server..

3.2 Existing System/Problem

EXISTING SYSTEM:

1. There’s an upscale writing on accessible coding, as well as compass point plans
and PEKS plans. As hostile those current works, with regards to distributed
storage, motto look beneath the multi-occupancy setting could be an additional
typical state of affairs. In such a state of affairs, the data man of affairs may
need to impart a record to a gathering of approved shoppers, and each shopper
UN agency has the doorway right will give trapdoor to play out the watchword
obtain over the mutual report, specifically, the “multi-client accessible
encryption” (MUSE)situation.

3. PROBLEM ANALYSIS AND RELATED WORK

Dept. of CSE, AHCET Page
2. Some late work center to such a MUSE state of affairs, in spite of the very fact
that all of them receive single-key joined with get to regulate to accomplish the
objective.

3. In MUSE plans area unit designed by sharing the archive’s accessible coding
key with all shoppers UN agency will get thereto, and communicate coding is
used to accomplish coarse-grained get to control.

4. In property primarily based coding (ABE) is connected to accomplish fine-
grained get to regulate conscious motto obtain. afterwards, in MUSE, the first
issue is the suggests that by that to regulate that shoppers will get to that
reports, although a way to reduce the amount of shared keys and trapdoors is
not considered.

Hindrances OF EXISTING SYSTEM:
1.
2. Unexpected benefit acceleration will uncover all
3. It is not productive.
4. Shared information won’t be secure.

3.3 Proposed System/Solution PROPOSEDSYSTEM:
1. During this paper, we have a tendency to address this check by proposing the
novel plan of key-total accessible cryptography (KASE), and instantiating the thought
through a solid KASE conspire.

2. The projected KASE conspire applies to any distributed storage that backings
the accessible gathering data sharing utility, which means any consumer could
specifically impart a gathering of selected documents to a gathering of selected

3. PROBLEM ANALYSIS AND RELATED WORK

Dept. of CSE, AHCET Page
shoppers, whereas sanction active the last to perform watchword look over the
previous.

3. To assist accessible gathering data sharing the first wants for productive key
administration area unit twofold. Initial, associate data man of affairs simply must
disperse a solitary total key (rather than a gathering of keys) to a consumer for sharing
any range of documents. Second, the consumer simply must gift a solitary total
trapdoor (rather than a gathering of trapdoors) to the cloud for performing arts slogan
look over any range of shared records.

4. We have a tendency to 1st characterize a general system of key total accessible
cryptography (KASE) created out of seven polynomial calculations for security
parameter setup, key era, encryption, key extraction, trapdoor era, trapdoor alteration,
and trapdoor testing. We have a tendency to at that time portray each utilitarian and
security wants for outlining a legitimate Chassepot.

5. We have a tendency to at that time instantiate the KASE structure by outlining
a solid KASE plot. Within the wake of giving definite developments to the seven
calculations, we have a tendency to investigate the effectiveness of the set up, and
started its security through natty gritty examination.

6. We have a tendency to state totally different handy problems in building a true
gathering data sharing framework in sight of the projected KASE conspire, and assess
its execution.

The assessment affirms our framework will meet the execution stipulations of all the
way down to earth applications.

3. PROBLEM ANALYSIS AND RELATED WORK

Dept. of CSE, AHCET Page
Points of interest OF PROPOSED SYSTEM:

1. It is more secure.
2. Decryption key ought to be sent by means of a safe channel and kept mystery.
3. It is a proficient open key encryption conspire which bolsters adaptable
appointment.
4. To the best of our insight, the KASE conspire proposed in this paper is the main
known plan that can fulfil prerequisites.

3.4 Methodology: Modules/Methods/Phases

1. Data Owner
2. Network Storage
3. Encrypted Aggregate Key and Searchable Encryption Key Transfer
4. Trapdoor Generation
5. File User

MODULES DESCRIPTION:
1. Data Owner:

In this module we have a tendency to dead by the data man of affairs to setup a
record on Associate in nursing untrusted server. On input a security level parameter 1?
and therefore the amount of cipher text categories n (i.e., category file need to be an
entire range restricted by one and n), it yields general society framework parameter
pram, that is discarded from the contribution of alternate calculations for gruffness.

3. PROBLEM ANALYSIS AND RELATED WORK

Dept. of CSE, AHCET Page
2. Network Storage (Dropbox):

With our answer, Alice will primarily send Bob a solitary total key by suggests
that of a protected email. Weave will transfer the encoded images from Alice’s
Dropbox house and afterward utilization this total key to decipher these disorganized
images. During this Network Storage is untrusted outsider server or dropbox.

3. Encrypted Aggregate Key and Searchable Encrypted key Transfer:

The information businessman builds up the overall population framework
parameter by means that of Setup associated creates an open/ace mystery key match
through KeyGen. Messages are often encoded by means that of encode by a person
World Health Organization in addition chooses what cipher text category is associated
with the plaintext message to be disorganized. The data businessman will utilize the
ace mystery to make a complete unscrambling key for a rendezvous of cipher text
categories through Extract. The created keys are often passed to delegates safely (by
means that of secure messages or secure gadgets) at long last; any shopper with a
complete key will unscramble any cipher text gave that the cipher text’s category is
contained within the total key through decode.

4. Trapdoor era

Trapdoor era calculation is controlled by the consumer WHO has the entire key
to play out associate degree inquiry. It takes as information the entire accessible
cryptography key kagg and a phrase w, at that time yields simply one trapdoorTr.
5. File User:

The created keys will be passed to delegates safely (by suggests that of secure
messages or secure gadgets) at last; any consumer with the Trapdoor watchword

3. PROBLEM ANALYSIS AND RELATED WORK

Dept. of CSE, AHCET Page
generation method will decrypt any cipher text gave that the cipher text’s category is
contained within the Encrypted total key and Searchable Encrypted key through
rewrite.

3.5 System Requirements

Framework REQUIREMENTS: Equipment REQUIREMENTS:
? System : Pentium IV 2.4GHz.
? Hard Disk : 40GB.
? : 1.44 Mb.
? : 15 VGAColor.
? : Logitech.
? : 512 Mb.

Programming REQUIREMENTS:

? Operating framework : Windows XP/7.
? Coding Language : JAVA/J2EE ; Netbeans7.4
? Database : MYSQL

2
2

CHAPTER –4
SYSTEM DESIGN

4. SYSTEM DESIGN

4.1 Architectural Design
SYSTEM DESIGN/SYSTEMARCHITECTURE:

Fig. 4.1.: System Architecture

4. SYSTEM DESIGN

Dept. of CSE, AHCET Page

4.2 Overall block diagram BLOCKDIAGRAM:

Fig. 4.2.: Block Diagram

4.3 Flow graph

DATA FLOW DIAGRAM:

? The DFD is likewise known as pocket graph. It’s an easy graphical formalism
that may be utilized to talk to a framework as way as information info to the
framework, totally different handling did on this info, and also the yield info is
created by this framework.

Upload to
cloud
Key generates and encrypts
content
Download
User
Generate Aggregate key and
master-secret key send User
Decrypt
content Using

4. SYSTEM DESIGN

Dept. of CSE, AHCET Page

? The knowledge flow chart (DFD) may be a standout amongst the foremost vital
demonstrating devices. It’s utilized to point out the framework components. These
segments square measure the framework procedure, the knowledge utilized by the
procedure, associate outer substance that interfaces with the framework and also the
knowledge streams in the framework.
? DFD shows however the information travels through the framework and the way
it’s adjusted by a progression of changes. It’s a graphical methodology that portrays
knowledge stream and also the changes that square measure connected as info moves
from contribution to yield…

Fig 4.3.: Data Flow Diagram
Upload to cloud
Upload Download
Key generates and encrypts
content Download encrypt content
Aggregate Key and
master secret key
Decrypt content Using
Trapdoor Generated key

4. SYSTEM DESIGN

Dept. of CSE, AHCET Page

4.4 UML
UML DIAGRAMS

UML remains for Unified Modelling Language. UML is Associate in nursing
institutionalized universally helpful demonstrating non-standard speech within the
field of protest organized programming building. The quality is overseen, and was
created by, the article Management cluster.

The objective is for UML to finish up plainly a typical non-standard speech
for creating models of protest organized computer programming. In its gift frame
UML is enclosed 2 noteworthy segments: a Meta-demonstrate and documentation.
Later on, some style of technique or method could likewise be additional to; or
connected with, UML.

The Unified Modelling Language may be a customary non-standard speech
for indicating, image, Constructing and archiving the antiquities of programming
framework, and in addition for business displaying and alternative non-programming
frameworks.

The UML speaks to associate in nursing accumulation of best building hones
that have incontestable effective within the displaying of big and complex
frameworks.

The UML is an important piece of making objects settled programming and
also the product advancement method. The UML utilizes typically graphical
documentations to precise, define of programming ventures.

4. SYSTEM DESIGN

Dept. of CSE, AHCET Page

Objectives:
1. The Primary objectives within the setup of the UML square measure as per
the following:
2. Offer purchasers a ready to-utilize, communicatory visual displaying
Language with the goal that they’ll produce and trade important models.
3. Offer extendibility and specialization instruments to expand the center
concepts.
4. Be autonomous of specific programming dialects and advancement process.
5. Offer a proper reason for understanding the demonstrating dialect.
6. Encourage the development of OO instruments advertise.
7. Support more elevated amount advancement ideas, for example, joint efforts,
structures, examples and parts.
8. Integrate prescribed procedures.

Use CASE DIAGRAM:

A utilization case graph within the Unified Modelling Language (UML) may
be a reasonably activity define characterized by and made up of a Use-case
examination. Its motivation is to show a graphical define of the quality gave by a
framework concerning on-screen characters, their objectives (spoke to as utilize
cases), and any conditions between those utilization cases. The principle motivation
behind a utilization case define is to demonstrate what framework capacities are
performed that entertainer. Components of the on-screen characters within the
framework will be pictured…

4. SYSTEM DESIGN

Dept. of CSE, AHCET Page
Fig. 4.4: Class Diagram

Fig. 4.5: Sequence Diagram

4. SYSTEM DESIGN

Dept. of CSE, AHCET Page

Fig. 4.6: Use Case Diagram

Fig. 4.7: Activity Diagram for Data Owner

4. SYSTEM DESIGN

Dept. of CSE, AHCET Page

Fig. 4.8: Activity Diagram for Data User

Fig. 4.9: Component Diagram

4. SYSTEM DESIGN

Dept. of CSE, AHCET Page

Fig. 4.9: Deployment Diagram

Fig. 4.10: Collaboration Diagram

4. SYSTEM DESIGN

Dept. of CSE, AHCET Page

Fig. 4.11 State Chart Diagram

CHAPTER – 5
SYSTEM
IMPLEMENTATION

CHAPTER -5
SYSTEM IMPLEMENTATION

5.1 Software Environment
5.1.1 Java Technology
Java technology is both a programming language and a platform.

The Java Programming Language
The Java programming language is a high-level language that can be
characterized by all of the following buzzwords:

? Simple
? Architecture neutral
? Object-oriented
? Portable
? Distributed

? High-performance
? Interpreted
? Multithreaded
? Robust
? Dynamic
? Secure

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page

With most programming languages, you either compile or interpret a program
in order that you’ll be able to run it on your pc. The Java programing language is
uncommon in this a program is each compiled and taken. With the compiler, 1st you
translate a program into associate intermediate language referred to as Java computer
memory unit codes —the platform-independent codes taken by the interpreter on the
Java platform. The interpreter parses and runs every Java computer memory unit code
instruction on the pc. Compilation happens simply once; interpretation happens every
time the program is dead. The subsequent figure illustrates however this works…

Fig. 5.1: Interpreter Parses

You can consider Java computer memory unit codes because the computer
code directions for the Java Virtual Machine (Java VM). Each Java interpreter,
whether or not it’s a development tool or an internet browser which will run applets,
is associate implementation of the Java VM. Java computer memory unit codes
facilitate create “write once, run anywhere” potential. You’ll be able to compile your
program into computer memory unit codes on any platform that includes a Java
compiler. The computer memory unit codes will then be run on any implementation
of the Java VM. Which means that as long as a pc includes a Java VM, identical
program written within the Java programing language will run on Windows 2000, a
Solaris digital computer, or on anima…?

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page

Fig. 5.2 Compilation

Java is additionally uncommon in this every Java program is each compiled
and taken. With a compile you translate a Java program into associate degree
intermediate language referred to as Java computer memory unit codes the platform-
independent code instruction is passed and run on the computer.

Compilation happens simply once; interpretation happens whenever the
program is dead. The figure illustrates however this works.

Fig. 5.3: Program execution block diagram

Java Program Interpreter
Compilers My Program

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page
You can consider Java computer memory unit codes because the machine
language directions for the Java Virtual Machine (Java VM). Each Java interpreter,
whether or not it’s Java development tool or an internet browser will run Java
applets, is associate degree implementation of the Java VM. The Java VM can even
be enforced in hardware…

5.2 SCREENSHOTS
Home:

Fig.: 5.4 Home

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page
Abstract:

Fig. 5.5 Abstract

Owner Registration:

Fig. 5.6: Owner Registration

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page
Owner Login:

Fig. 5.7: Owner Login

Owner Home:
Fig. 5.8: Owner Home

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page
Drop box key for file upload to cloud

Fig 5.9: Drop Box for file upload Give a Drop box Key:

Fig.: 5.10: Insert file in Drop Box

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page
File upload to Cloud:

Fig. 5.11: File upload in Cloud

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page

File Sharing User and Groups:

Fig. 5.12: File sharing
User Details:

Fig. 5.13: User Detail

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page

File Sharing with User and Send the master key to User mail:

Fig. 5.14: Master key to User mail

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page
Owner Logout:

Fig 5.15: Owner Logout

User Registration:

Fig. 5.16: User Registration

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page
User Login:

Fig. 5.17: User Login
User Home Page:

Fig. 5.18: User Home page.

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page
User Get the master key in email:

Fig. 5.19: Mater key in E-mail.

Give a Drop API Key and next File download:

Fig. 5.20: Drop API Key

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page

API key:
Fig. 5.21: Enter API key

File downloads Folder:

Fig. 5.22: Downloading of File

5. SYSTEM IMPLEMENTATION
Dept. of CSE, AHCET Page
User Logout:

Fig. 5.23: User logout
File Sharing with Groups and Send the master key to Group
User mail:
Fig. 5.24: File sharing in Group

CHAPTER 6
TESTING

6. TESTING

Dept. of CSE, AHCET Page

CHAPTER 6
TESTING
6.1 SYSTEM TESTING
The purpose of testing is to find errors. Testing is that the method of making
an attempt to find each conceivable fault or weakness in an exceedingly work product.
It provides some way to ascertain the practicality of parts, sub-assemblies, assemblies
and/or a finished product it’s the method of elbow grease computer code with the
intent of making certain that the
Software system meets its necessities Associate in nursing user expectations
and doesn’t fail in an unacceptable manner. There are varied kinds of take a look at.
Every take a look at sort addresses a particular testing demand…

TYPES OF TESTS

1. Unit testing

Unit checking is design to check cases that validate that the inner program logic is
functioning properly, that program inputs end up valid outputs All call branches and
internal code flow ought to be valid. It’s the testing of individual package units of the
applying .it is done when the completion of a private unit before integration. This can
be a structural testing, that depends on information of its construction and is invasive.
Unit checks perform basic tests at part level and test a particular business method,
application, and/or system configuration. Unit tests make sure that every distinctive
path of a business method performs accurately to the documented specifications and
contains clearly outlined inputs and expected results.

6. TESTING

Dept. of CSE, AHCET Page

2. Integration testing

Integration tests are designed to check integrated software system parts to see
if they really run joined program. Testing is event driven and is additional involved
with the essential outcome of screens or fields. Integration tests demonstrate that
though the parts were severally satisfaction, as shown by with success unit testing, the
mix of parts.

3. Functional test

Functional tests offer systematic demonstrations that functions tested area unit
offered as such as by the business and technical necessities, system documentation,
and user manuals.
Functional testing is focused on the subsequent items:
Valid Input : known categories of valid input should be accepted. Invalid
Input : known categories of invalid input should be rejected. Functions : known
functions should be exercised.
Output: known categories of application outputs should be exercised.
Systems/Procedures: interfacing systems or procedures should be invoked.
Organization and preparation of purposeful tests is concentrated on
necessities, key functions, or special check cases. Additionally, systematic coverage
bearing on determines Business method flows; information fields, predefined
processes, and ordered processes should be thought of for testing. Before purposeful
testing is complete, extra tests area unit known and also the effective worth of current
tests is set.

6. TESTING

Dept. of CSE, AHCET Page

4. System Test

System testing ensures that the complete integrated software meets necessities.
It tests a configuration to make sure glorious and sure results. AN example of system
take look acting is that the configuration bound system integration test. System testing
is predicated on method descriptions and flows, accentuation pre-driven method links
and integration points.

5. White Box Testing

White Box Testing could be a testing within which the computer code tester
has information of the inner workings, structure and language of the computer code,
or a minimum of its purpose. Its purpose. It’s wont to take a look at areas that can't be
reached from a recorder level.

6. Black Box Testing

Black Box Testing is testing the software package with none information of
the inner workings, structure or language of the module being tested. Recorder tests,
as most different kinds of tests, should be written from a definitive supply document,
like specification or needs document, like specification or needs document. It’s a take
a look acting within which the software package below test is treated, as a recorder
.you cannot “see” into it. The take a look at provides inputs and responds to
outputs while not considering however the software package works…

6. TESTING

Dept. of CSE, AHCET Page

6.2 Unit Testing:

Unit take look acting is sometimes conducted as a part of a combined code and
unit test part of the computer code lifecycle, though it’s not uncommon for
cryptography and unit testing to be conducted as 2 distinct phases…
Test strategy and approach
Field testing will be performed manually and functional tests will be written in
Detail.

Test objectives
All field entries must work properly.?
Pages should be activated from the known link.
The entry screen, messages and responses should not be delayed.
Features to be tested
Verify that the entries are of the correct format?
No duplicate entries should bellowed?
All links should take the user to the correct page.?

6.3 Integration Testing

Software integration testing is that the progressive integration testing of 2 or
additional integrated code parts on one platform to provide failures caused by
interface defects.

6. TESTING

Dept. of CSE, AHCET Page

The task of the combination take a look at is to envision that parts or code
applications, e.g. parts during a code or – one intensify – code applications at the
corporate level – move while not error..
Test Results: All the test cases mentioned above passed successfully. No
defects encountered.

6.4 Acceptance Testing

User Acceptance Testing may be a crucial section of any project and needs
vital participation by the top user. It conjointly ensures that the system meets the
purposeful needs.
Test Results: The entire take a look at cases mentioned higher than passed with
success. No defects encountered.

5
4

CHAPTER–7
CONCLUSION

5
5

CHAPTER–7
CONCLUSION
Considering the sensible drawback of privacy conserving knowledge sharing
system supported public cloud storage which needs a knowledge owner to distribute
an outsized variety of keys to users to change them to access his/her documents, we
tend to for the primary time propose the conception of key- combination searchable
secret writing (KASE) and construct a concrete KASE theme. Each analysis and
analysis results ensure that our work will give a good resolution to assembling
sensible knowledge sharing system supported public cloud storage. During a KASE
theme, the owner solely has to distribute one key to a user once sharing countless
documents with the user, and also the user solely has to submit one trapdoor once he
queries over all documents shared by a similar owner. However, if a user desires to
question over documents shared by multiple homeowners, he should generate
multiple trapdoors to the cloud. a way to cut back the quantity of trapdoors below
multi-owners setting could be a future work. Moreover, united clouds have attracted
plenty of attention these days, however our KASE can not be applied during this case
directly. it’s conjointly a future work to produce the answer for KASE within the case
of united clouds..