Sei sulla pagina 1di 69

A MAJOR PROJECT REPORT

ON

A SECURE ANTI-COLLUSION DATA SHARING


SCHEME FOR DYNAMIC GROUPS IN THE CLOUD
Submitted in partial fulfillment of the requirements
For the award of Degree of
Bachelor of Technology
IN

COMPUTER SCIENCE & ENGINEERING


By
K SAI CHARAN

(12VE1A0523)

R.VIVEK

(12VE1A0546)

V.V GANESH VARMA (12VE1A0555)


V SESHANK .A

(12VE1A0557)

Department of Computer Science and Engineering

SREYAS INSTITUTE OF ENGINEERING AND TECHNOLOGY


Thatti Annaram(V), Bandlaguda, Nagole, Hyderabad-500068.
(Approved by AICTE, New Delhi & Affiliated to JNTUH)

SREYAS INSTITUTE OF ENGINEERING AND TECHNOLOGY


Thatti Annaram(V), Bandlaguda, Nagole, Hyderabad-500068.

(Approved by AICTE, New Delhi & Affiliated to JNTUH)

2012-2016

CERTIFICATE

This is to certify that the project work entitled

A Secure Anti-Collusion Data

Sharing Scheme for Dynamic Groups in the Cloud is a bonafide work carried out by K.SAI
CHARAN (12VE1A0523), RAMINI VIVEK (12VE1A0546), V VENKATA GANESH VARMA
(12VE1A0555), VENKATA SESHANK A (12VE1A0557) in partial fulfillment of the
requirements for the degree Bachelor of Technology in COMPUTER SCIENCE &
ENGINEERING by Jawaharlal Nehru Technological University, Hyderabad during the
academic year 2012-2016.The results embodied in this report have not been submitted by any
student to any other University or Institution for the award of any degree or diploma.

Internal Guide

Headof Department

Mr.Anil Kumar

Mrs.PADMAJOSHI

Associate Professor

Associate Professor

(HOD)

(HOD)

External

ACKNOWLEDGEMENT

We would like to express my gratitude to all the people behind the screen who have helped me
transform an idea into a real time application. We would like to express my heart-felt gratitude to
my parents without whom we would not have been privileged to achieve and fulfill my dreams.
We owe my sincere gratitude to Dr. SURESH AKELLA, Principal and also to our college
management for giving the encouragement that helped us to complete the project successfully.
We profoundly thank Mrs. Padma Joshi, Head of the Department of Computer Science and
Engineering (CSE), who has been an excellent guide and also a great source of inspiration to my
work.
We would also like to thank our project coordinators Mr. Salar Mohammad and Mr. Anil
Kumar for their Technical guidance & constant encouragement. We would also like to thank our
internal guide Mrs. Padma Joshi for her Technical guidance & constant encouragement.
The satisfaction and euphoria that accompany the successful completion of the task would be
great, but incomplete without the mention of the people who made it possible, whose constant
guidance and encouragement crown all the efforts with success. In this context, we would like to
thank all the other staff members, both teaching and non-teaching, who have extended their timely
help and eased my task.

II

ABSTRACT

Benefited from cloud computing, users can achieve an effective and economical approach for data
sharing among group members in the cloud with the characters of low maintenance and little
management cost. Meanwhile, we must provide security guarantees for the sharing data files since
they are out-sourced. Unfortunately, because of the frequent change of the membership, sharing
data while providing privacy-preserving is still a challenging issue, especially for an untrusted
cloud due to the collusion attack. Moreover, for existing schemes, the security of key distribution
is based on the secure communication channel, however, to have such channel is a strong
assumption and is difficult for practice. In this paper, we propose a secure data sharing scheme for
dynamic members. Firstly, we propose a secure way for key distribution without any secure
communication channels, and the users can securely obtain their private keys from group manager.
Secondly, our scheme can achieve fine-grained access control, any user in the group can use the
source in the cloud and revoked users cannot access the cloud again after they are revoked.
Thirdly, we can protect the scheme from collusion attack, which means that revoked users cannot
get the original data file even if they conspire with the untrusted cloud. In our approach, by
leveraging polynomial function, we can achieve a secure user revocation scheme. Finally, our
scheme can achieve fine efficiency, which means previous users need not to update their private
keys for the situation either a new user joins in the group or a user is revoked from the group.

III

CHAPTER

TITLE

PAGE NO.

ACKNOWLEDGEMENT.........................................................................
II
ABSTRACT..III
LIST

OF

FIGURES...VI
LIST OF TABLESVII

CHAPTER- I
1.
INTRODUCTION...........................................................................................
......1
1.1
1.2
1.3
1.4
1.5

EXISTING SYSTEM....1
PROPOSED SYSTEM..2
LIMITATIONS.3
SCOPE..4
OUTLINE.........................................................................................................4

CHAPTER- II
2.
LITERATURE
2.1
2.2
2.3
2.4

SURVEY..................................................................................... 5
BACKGROUND..........................................................................................5
PREVIOUS SYSTEM.................................................................................7
APPROACHES OF DEDUPLICATION8
METHODOLOGIES...11

CHAPTER- III
3.
SYSTEM ANALYSIS
3.1
3.2
3.3
3.4
3.5
3.6

INTRODUCTION CUM EXISTING STATEMENT9


OVER ALL DESCRIPTION..10
EXTERNAL INTERFACE REQUIREMENTS.12
SYSTEM FEATURES.13
NON FUNCTIONAL REQUIREMENTS..14
SYSTEM ARCHITECTURE...16

CHAPTER- IV
4.
DESIGN
4.1
4.2

IMPORTANCE OF DESIGN17
UML DIAGRAMS19
4.2.1 USE CASE DIAGRAM.........20
4.2.2 CLASS DIAGRAM...22
4.2.3 SEQUENCE DIAGRAM...23
4.2.4 ACTIVITY DIAGRAM 24
4.2.5 STATECHART DIAGRAM..25
4.3 DATA FLOW DIAGRAM.26
4.4 DATA DICTIONARY...28

CHAPTER- V
5.
IMPLEMENTATION
5.1 MODULE DESCRIPTION30
5.1.1 CLOUD MODULE....30
5.1.2 GROUP MANAGER MODULE...30
5.1.3 GROUP MEMBER MODULE..31
5.1.4 FILE SECURITY MODULE....31
5.1.5 GROUP SIGNATURE MODULE....31
5.1.6 USER REVOCATION MODULE....31
5.2 ALGORITHMS/ PRINCIPLES..32
5.2.1 KEY GENERATION.32
5.2.2 RSA ALGORITHM...32
5.3

SAMPLE CODE.34

CHAPTER- VI
6.
TESTING
6.1 IMPORTANCE OF TESTING..39
6.2 TYPES OF TESTING39
6.3 TEST CASES..41
6.4 SCREEN SHOTS45
7.

CHAPTER- VII
CONCLUSION AND FUTURE
SCOPE59
CHAPTER- VIII

8. BIBLIOGRAPHY60

List of Figures:
FIGURE NUMBER

NAME OF FIGURE

PAGE NUMBER

4.2.1.1

USECASE DIAGRAM FOR


USER

21

4.2.2.1

CLASS DIAGRAM

22

4.2.3.1

SEQUENCE DIAGRAM

23

4.2.4.1

ACTIVITY DIAGRAM

24

4.2.5.1

STATECHART DIAGRAM

25

4.3.1

DATAFLOW DIAGRAM

27

List of Tables:
S.NO

NAME OF TABLE

PAGE NO

6.3.1

HOME PAGE VERIFICATION


LINKS

42

6.3.2

ADMIN LOGIN PAGE

42

6.3.3

PRIVATE CLOUD

43

6.3.4

USER REGISTRATION

48

List of Screenshots:
S NO

FIGURE

PAGE NO

6.4.1

HOME PAGE

45

6.4.2

GROUP MANAGER LOGIN


PAGE

46

6.4.3

GROUP MEMBER LOGIN


PAGE

47

6.4.4

GROUP MEMBER
REGISTRATION PAGE

48

6.4.5

MANAGER HOME PAGE

49

6.4.6

MANAGER VIEW GROUP


PAGE

50

6.4.7

MANAGER VIEW LOG


DETAILS PAGE

51

6.4.8

MANAGER VIEW FILE


DETAILS PAGE

52

6.4.9

GROUP MEMBER LOGIN

53

6.4.10

SIGNATURE SENT TO MAIL

54

6.4.11

SIGNATURE
AUTHENTICATION

55

6.4.12

GROUP MEMBER HOME PAGE

56

6.4.13

GROUP MEMBER FILE


UPLOAD PAGE

57

6.4.14

GROUP MEMBER FILE


DOWNLOAD PAGE

58

CHAPTER- I
1. INTRODUCTION
Benefited from cloud computing, users can achieve an effective and economical approach for
data sharing among group members in the cloud with the characters of low maintenance and
little management cost. Meanwhile, we must provide security guarantees for the sharing data
files since they are outsourced. Unfortunately, because of the frequent change of the
membership, sharing data while providing privacy-preserving is still a challenging issue,
especially for an untrusted cloud due to the collusion attack. Moreover, for existing schemes, the
security of key distribution is based on the secure communication channel, however, to have
such channel is a strong assumption and is difficult for practice. In this paper, we propose a
secure data sharing scheme for dynamic members. Firstly, we propose a secure way for key
distribution without any secure communication channels, and the users can securely obtain their
private keys from group manager. Secondly, our scheme can achieve fine-grained access control,
any user in the group can use the source in the cloud and revoked users cannot access the cloud
again after they are revoked. Thirdly, we can protect the scheme from collusion attack, which
means that revoked users cannot get the original data file even if they conspire with the untrusted
cloud.

In our approach, by leveraging polynomial function, we can achieve a secure user

revocation scheme. Finally, our scheme can achieve fine efficiency, which means previous users
need not to update their private keys for the situation either a new user joins in the group or a
user is revoked from the group.

1.1 EXISTING SYSTEM:

Kallahalla et al presented a cryptographic storage system that enables secure data sharing
on untrustworthy servers based on the techniques that dividing files into file groups and

encrypting each file group with a file-block key.


Yu et al exploited and combined techniques of key policy attribute-based encryption,
proxy re-encryption and lazy re-encryption to achieve fine-grained data access control
without disclosing data contents.

DISADVANTAGES OF EXISTING SYSTEM:

The file-block keys need to be updated and distributed for a user revocation;

therefore, the system had a heavy key distribution overhead.


The complexities of user participation and revocation in these schemes are linearly

increasing with the number of data owners and the revoked users.
The single-owner manner may hinder the implementation of applications, where any
member in the group can use the cloud service to store and share data files with
others.

1.2 PROPOSED SYSTEM:

In this paper, we propose a secure data sharing scheme, which can achieve secure key

distribution and data sharing for dynamic group.


We provide a secure way for key distribution without any secure communication
channels. The users can securely obtain their private keys from group manager
without any Certificate Authorities due to the verification for the public key of the

user.
Our scheme can achieve fine-grained access control, with the help of the group user
list, any user in the group can use the source in the cloud and revoked users cannot

access the cloud again after they are revoked.


We propose a secure data sharing scheme which can be protected from collusion
attack. The revoked users can not be able to get the original data files once they are
revoked even if they conspire with the untrusted cloud. Our scheme can achieve

secure user revocation with the help of polynomial function.


Our scheme is able to support dynamic groups efficiently, when a new user joins in
the group or a user is revoked from the group, the private keys of the other users do

not need to be recomputed and updated.


We provide security analysis to prove the security of our scheme.

ADVANTAGES OF PROPOSED SYSTEM:

The computation cost is irrelevant to the number of revoked users in RBAC scheme.
The reason is that no matter how many users are revoked, the operations for members

to decrypt the data files almost remain the same.


The cost is irrelevant to the number of the revoked users. The reason is that the
computation cost of the cloud for file upload in our scheme consists of two
verifications for signature, which is irrelevant to the number of the revoked users. The
reason for the small computation cost of the cloud in the phase of file upload in
RBAC scheme is that the verifications between communication entities are not

concerned in this scheme.


In our scheme, the users can securely obtain their private keys from group manager
Certificate Authorities and secure communication channels. Also, our scheme is able
to support dynamic groups efficiently, when a new user joins in the group or a user is
revoked from the group, the private keys of the other users do not need to be
recomputed and updated.

1.3 Limitations:

The user is only allowed to perform the duplicate check for files marked with the
corresponding privileges.

This project works only under the access of internet.

To enhance the security of data and protect the data confidentiality.

1.4 Scope:
This

will

be

developed

using

IDE

NetBeans,

written

in

Java

and

is

reusable framework for simplifying the development of Java Swing desktop applications. The
database used is MYSQL. We provide a secure way for key distribution without any secure

communication channels. The users can securely obtain their private keys from group manager
without any Certificate Authorities due to the verification for the public key of the user.

1.5 Outline:
The Proposed system does deduplication techniques that is it eliminates the repeating
copies of data present in the files. Users must register and the details are securely stored into the
database. All the files being uploaded by the data user are kept on the cloud in the encrypted
form and uploading is done by using the respective token id. Thus, more security is provided to
the files present on the server.

CHAPTER- II
2. LITERATURE SURVEY
1 Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud,

AUTHORS: B. Wang, B. Li, and H. Li,


With cloud data services, it is commonplace for data to be not only stored in the cloud, but also
shared across multiple users. Unfortunately, the integrity of cloud data is subject to skepticism
due to the existence of hardware/software failures and human errors. Several mechanisms have
been designed to allow both data owners and public verifiers to efficiently audit cloud data
integrity without retrieving the entire data from the cloud server. However, public auditing on the
integrity of shared data with these existing mechanisms will inevitably reveal confidential
information-identity privacy-to public verifiers. In this paper, we propose a novel privacypreserving mechanism that supports public auditing on shared data stored in the cloud. In
particular, we exploit ring signatures to compute verification metadata needed to audit the
correctness of shared data. With our mechanism, the identity of the signer on each block in
shared data is kept private from public verifiers, who are able to efficiently verify shared data
integrity without retrieving the entire file. In addition, our mechanism is able to perform multiple
auditing tasks simultaneously instead of verifying them one by one. Our experimental results
demonstrate the effectiveness and efficiency of our mechanism when auditing shared data
integrity.

2. Security Challenges for the Public Cloud,

AUTHORS: K. Ren, C. Wang, and Q. Wang,


In this talk, I will first discuss a number of pressing security challenges in Cloud Computing,
including data service outsourcing security and secure computation outsourcing. Then, I will
focus on data storage security in Cloud Computing. As one of the primitive services, cloud
storage allows data owners to outsource their data to cloud for its appealing benefits. However,
the fact that owners no longer have physical possession of the outsourced data raises big security
concerns on the storage correctness. Hence, enabling secure storage auditing in the cloud
environment with new approaches becomes imperative and challenging. In this talk, I will

present our recent research efforts towards storage outsourcing security in cloud computing and
describe both our technical approaches and security & performance evaluations.

3. Privacy-Preserving Public Auditing for Data Storage Security in Cloud


Computing,

AUTHORS: C. Wang, Q. Wang, K. Ren, and W. Lou


Cloud computing is the long dreamed vision of computing as a utility, where users can remotely
store their data into the cloud so as to enjoy the on-demand high quality applications and services
from a shared pool of configurable computing resources. By data outsourcing, users can be
relieved from the burden of local data storage and maintenance. However, the fact that users no
longer have physical possession of the possibly large size of outsourced data makes the data
integrity protection in Cloud Computing a very challenging and potentially formidable task,
especially for users with constrained computing resources and capabilities. Thus, enabling public
audit ability for cloud data storage security is of critical importance so that users can resort to an
external audit party to check the integrity of outsourced data when needed. To securely introduce
an effective third party auditor (TPA), the following two fundamental requirements have to be
met: 1) TPA should be able to efficiently audit the cloud data storage without demanding the
local copy of data, and introduce no additional on-line burden to the cloud user; 2) The third
party auditing process should bring in no new vulnerabilities towards user data privacy. In this
paper, we utilize and uniquely combine the public key based homomorphic authenticator with
random masking to achieve the privacy-preserving public cloud data auditing system, which
meets all above requirements. To support efficient handling of multiple auditing tasks, we further
explore the technique of bilinear aggregate signature to extend our main result into a multi-user
setting, where TPA can perform multiple auditing tasks simultaneously. Extensive security and
performance analysis shows the proposed schemes are provably secure and highly efficient.

4. Computing Encrypted Cloud Data Efficiently under Multiple Keys,

AUTHORS: B. Wang, M. Li, S.S. Chow, and H. Li,


The emergence of cloud computing brings users abundant opportunities to utilize the power of
cloud to perform computation on data contributed by multiple users. These cloud data should be
encrypted under multiple keys due to privacy concerns. However, existing secure computation
techniques are either limited to single key or still far from practical. In this paper, we design two
efficient schemes for secure outsourced computation over cloud data encrypted under multiple
keys. Our schemes employ two non-colluding cloud servers to jointly compute polynomial
functions over multiple users' encrypted cloud data without learning the inputs, intermediate or
final results, and require only minimal interactions between the two cloud servers but not the
users. We demonstrate our schemes' efficiency experimentally via applications in machine
learning. Our schemes are also applicable to privacy-preserving data aggregation such as in
smart metering.

5. Achieving Secure, Scalable, and Fine-Grained Data Access Control in


Cloud Computing,

AUTHORS: S. Yu, C. Wang, K. Ren, and W. Lou,


Cloud computing is an emerging computing paradigm in which resources of the computing
infrastructure are provided as services over the Internet. As promising as it is, this paradigm also
brings forth many new challenges for data security and access control when users outsource
sensitive data for sharing on cloud servers, which are not within the same trusted domain as data
owners. To keep sensitive user data confidential against untrusted servers, existing solutions
usually apply cryptographic methods by disclosing data decryption keys only to authorized users.
However, in doing so, these solutions inevitably introduce a heavy computation overhead on the
data owner for key distribution and data management when fine-grained data access control is
desired, and thus do not scale well. The problem of simultaneously achieving fine-grainedness,
scalability, and data confidentiality of access control actually still remains unresolved. This paper
addresses this challenging open issue by, on one hand, defining and enforcing access policies

based on data attributes, and, on the other hand, allowing the data owner to delegate most of the
computation tasks involved in fine-grained data access control to untrusted cloud servers without
disclosing the underlying data contents. We achieve this goal by exploiting and uniquely
combining techniques of attribute-based encryption (ABE), proxy re-encryption, and lazy reencryption. Our proposed scheme also has salient properties of user access privilege
confidentiality and user secret key accountability. Extensive analysis shows that our proposed
scheme is highly efficient and provably secure under existing security models.

CHAPTER- III
3. SYSTEM ANALYSIS
3.1 Introduction:
Benefited from cloud computing, users can achieve an effective and economical approach
for data sharing among group members in the cloud with the characters of low maintenance
and little management cost. Meanwhile, we must provide security guarantees for the sharing
data files since they are outsourced.

3.1.1 Purpose:

The purpose of this document is to provide the software requirement specification report
for a secure data sharing scheme for dynamic members and a secure way for key distribution
without any secure communication channels.

3.1.2 Document Conventions:


The Conventions used in the document are:

Conventions

Meaning

DB

Database

JS

Java Script

JSP

Java Server Pages

SQL

Structured Query Language

CSS

Cascading Style sheets

3.1.3 Intended Audience and Reading Suggestions:


This Documentation is intended for developers, project managers and testers. And it is
suggested to read in the sequence mentioned in the table of contents.

3.1.4 Reference:
Zhongma Zhu, Rui Jiang, A Secure Anti-Collusion Data Sharing Scheme for Dynamic Groups
in the Cloud, IEEE Transactions on Parallel and Distributed Systems, 2015.

3.2 Overall Description:


3.2.1 Product Perspective:

This cloud based application is a new, self-contained product which can achieve finegrained access control, any user in the group can use the source in the cloud and revoked users
cannot access the cloud again after they are revoked.

3.2.2 Product Functions:

Cloud Module

Group Manager Module

Group Member Module

3.2.3 User Classes and Characteristics :


The users for this product are a group of team where the users are differentiated as group
managers and group members.

Group Manager

The user has more features.

They have complete facilities to manipulate.

The user need minimum computer and internet knowledge.

Group Member

These user utilize the service more frequently than the others.

They have lesser privileges.

Basic knowledge to use computer and internet is enough.

They are the primary users.

3.2.4 Operating Environment:


Let us look into the software and hardware requirements of the software.

Software Requirements:

Operating System : Windows 7 or above

10

Background Software : Java 7

Database : SQL

Hardware Requirements:

Processor :Pentium Processor or above

RAM : 1GB RAM

Hard Disk: 80GB.

3.2.5 Design and Implementation Constraints


Identifying important product aspects will improve the usability of numerous reviews and
is beneficial to both consumers and firms. Consumers can conveniently make wise purchasing
decision by paying more attentions to the important aspects, while firms can focus on improving
the quality of these aspects and this enhance product reputation effectively.

3.2.6 User Documentation


The user would be provided with a help option in the website to learn how things work
and how they can utilize the service.

3.2.7 Assumptions and Dependencies


The product is expected to work only with those minimum requirements. The software
would not be installed into the computer without satisfying the minimum requirements. The
chances of computer taking long time to run will happen if the user somehow manages to install
the software.

3.3 External Interface Requirements


3.3.1 User Interfaces
Browser

3.3.2 Hardware Interfaces


Not applicable.

3.3.3 Software Interfaces

11

SQL

Windows 7 or above

Netbeans IDE

Java 7

Chrome

3.3.4 Communications Interfaces


The Hypertext transfer protocol is an application protocol distributed, collaborative, hypermedia
information systems. HTTP is the foundation of data communication for the World Wide Web. It
is a structured text that uses logical links between nodes containing text. It is a protocol to
exchange of transfer hypertext.

3.4 System Features


3.4.1 Cloud Module
In this module, we create a local Cloud and provide priced abundant storage services. The
users can upload their data in the cloud.

Description and Priority


We develop this module, where the cloud storage can be made secure. However,
the cloud is not fully trusted by users since the CSPs are very likely to be outside
of the cloud users trusted domain.

Functional Requirements
Login for group members and group managers for accessing the cloud. Group
signature verification for group members file uploading and downloading.

REQ-1:

Username, email id and password for registration.

REQ-2:

Username and password for Login.

3.4.2 Group Manager Module

12

Description and Priority


Group manager takes charge of followings:
1. System parameters generation,
2. User registration,
3. User revocation, and
4. Revealing the real identity of a dispute data owner.
Therefore, we assume that the group manager is fully trusted by the other parties.

Functional Requirements
Login for group managers for accessing the cloud. Group account activation for group
members file uploading and downloading.
REQ-1:

Username, email id and password for registration.

REQ-2:

Username and password for Login.

3.4.3 Group Member Module


3.4.3.1 Description and Priority
Group members are a set of registered users that will

Store their private data into the cloud server and

Share them with others in the group.

The group membership is dynamically changed, due to the staff resignation and new employee
participation in the company. The group member has the ownership of changing the files in the
group.

3.4.3.2 Functional Requirements


Login for group members for accessing the cloud. Group signature verification for group
members file uploading and downloading.
REQ-1:

Username, email id and password for registration.

13

REQ-2:

Username and password for Login.

3.5 Other Nonfunctional Requirements


3.5.1 Performance Requirements
The performance of the product has to be taken care as the users would obviously not
want a software which would take a lot of their time to perform any activity. The product should
be developed to make sure it takes less time to react and perform faster. The search results and
time taken to to download a file should be less as the download speed of the file would depend
on the server configurations.

3.5.2 Safety Requirements


If there is extensive damage to a wide portion of the database due to catastrophic failure,
such as a disk crash, the recovery method restores a past copy of the database that was backed up
to archival storage (typically tape) and reconstructs a more current state by reapplying or redoing
the operations of committed transactions from the backed up log, up to the time of failure.

3.5.3 Security Requirements


Security systems need database storage just like many other applications. However, the
special requirements of the security market mean that vendors must choose their database partner
carefully.

3.5.4 Software Quality Attributes


Availability What percentage of time does the cloud vendor guarantee cloud services will be
available.

14

Elasticity (Scalability) How easy is it to bring on line or take down compute resources (CPU,
memory, network) as workload increases or decreases.

3.5.5 Business Rules


The economic impact that the system will have on the organization. The amount of fund
that the company can pour into the research and development of the system is limited. The
expenditures must be justified, thus the developed system as well within the budget and this was
achieved because most of the technologies used are freely available. Only the customized
products had to be purchased.

3.6

System Architecture:

fig 3.6.1 System Architecture

15

There are three entities defined in our system that is cloud, group manager and group manager as
shown here. First group manager is given a login and then he permits the group member module for
accessing the files for that to process from group manager a verification mail is sent to the registered
group member. Now group member will access the signature which is auto generated while
registering that particular signature need to be copied for the access and the same process continues
for file accessing too. And all these information are stored with the help of cloud as shown in the
system architecture the above process describe proceeds.

CHAPTER- IV
4. DESIGN
4.1 IMPORTANCE OF DESIGN:

INPUT DESIGN:

The input design is the link between the information system and the user. It comprises the
developing specification and procedures for data preparation and those steps are necessary to put
transaction data in to a usable form for processing can be achieved by inspecting the computer to
read data from a written or printed document or it can occur by having people keying the data
directly into the system. The design of input focuses on controlling the amount of input required,
controlling the errors, avoiding delay, avoiding extra steps and keeping the process simple. The
input is designed in such a way so that it provides security and ease of use with retaining the
privacy. Input Design considered the following things:
What data should be given as input?
How the data should be arranged or coded?
The dialog to guide the operating personnel in providing input.
Methods for preparing input validations and steps to follow when error occur.
OBJECTIVES:

16

1. Input Design is the process of converting a user-oriented description of the input into a
computer-based system. This design is important to avoid errors in the data input process and
show the correct direction to the management for getting correct information from the
computerized system.

2. It is achieved by creating user-friendly screens for the data entry to handle large volume of
data. The goal of designing input is to make data entry easier and to be free from errors. The data
entry screen is designed in such a way that all the data manipulates can be performed. It also
provides record viewing facilities.
3. When the data is entered it will check for its validity. Data can be entered with the help of
screens. Appropriate messages are provided as when needed so that the user will not be in maize
of instant. Thus the objective of input design is to create an input layout that is easy to follow
OUTPUT DESIGN:
A quality output is one, which meets the requirements of the end user and presents the
information clearly. In any system results of processing are communicated to the users and to
other system through outputs. In output design it is determined how the information is to be
displaced for immediate need and also the hard copy output. It is the most important and direct
source information to the user. Efficient and intelligent output design improves the systems
relationship to help user decision-making.
1. Designing computer output should proceed in an organized, well thought out manner; the right
output must be developed while ensuring that each output element is designed so that people will
find the system can use easily and effectively. When analysis design computer output, they
should Identify the specific output that is needed to meet the requirements.
2. Select methods for presenting information.
3. Create document, report, or other formats that contain information produced by the system.
The output form of an information system should accomplish one or more of the following
objectives.

17

Convey information about past activities, current status or projections of the


Future.
Signal important events, opportunities, problems, or warnings.
Trigger an action.
Confirm an action.

Data flow diagram is a structure analysis tool that is used for graphical representation
of Data processes through any organization. The data flow approach emphasizes on the logic
underlying the system, by using combination of four symbols. It follows a top down approach. A
full description of a system actually consists of set of DFDs, which comprises of various levels.
An initial overview model is exploded further in lower level diagrams that show additional
feature of the system. Further each process can be broken down into a more detailed DFDs. This
occurs repeatedly until sufficient details are described.

4.2 UML DIAGRAMS:


UML stands for Unified Modeling Language. UML is a standardized general-purpose
modeling language in the field of object-oriented software engineering. The standard is managed,
and was created by, the Object Management Group.
The goal is for UML to become a common language for creating models of object
oriented computer software. In its current form UML is comprised of two major components: a
Meta-model and a notation. In the future, some form of method or process may also be added to;
or associated with, UML.
The Unified Modeling Language is a standard language for specifying, Visualization,
Constructing and documenting the artifacts of software system, as well as for business modeling
and other non-software systems.
The UML represents a collection of best engineering practices that have proven
successful in the modeling of large and complex systems.

18

The UML is a very important part of developing objects oriented software and the
software development process. The UML uses mostly graphical notations to express the design
of software projects.
GOALS:
The Primary goals in the design of the UML are as follows:
1. Provide users a ready-to-use, expressive visual modeling Language so that they can develop
and exchange meaningful models.
2. Provide extendibility and specialization mechanisms to extend the core concepts.
3. Be independent of particular programming languages and development process.
4. Provide a formal basis for understanding the modeling language.
5. Encourage the growth of OO tools market.
6. Support higher level development concepts such as collaborations, frameworks, patterns and
components.
7. Integrate best practices.
4.2.1

USE CASE DIAGRAM:


A use case diagram in the Unified Modeling Language (UML) is a type of behavioral

diagram defined by and created from a Use-case analysis. Its purpose is to present a graphical
overview of the functionality provided by a system in terms of actors, their goals (represented as
use cases), and any dependencies between those use cases. The main purpose of a use case
diagram is to show what system functions are performed for which actor. Roles of the actors in
the system can be depicted.

19

4.1.2.1 Use Case diagram

4.2.2

CLASS DIAGRAM:

20

In software engineering, a class diagram in the Unified Modeling Language (UML) is a


type of static structure diagram that describes the structure of a system by showing the system's
classes, their attributes, operations (or methods), and the relationships among the classes. It
explains which class contains information.

4.2.2.1 Class diagram

4.2.3

SEQUENCE DIAGRAM:

21

A sequence diagram in Unified Modeling Language (UML) is a kind of interaction diagram that
shows how processes operate with one another and in what order. It is a construct of a Message
Sequence Chart. Sequence diagrams are sometimes called event diagrams, event scenarios, and
timing diagrams.

4.2.3.1 Sequence diagram

4.2.4

ACTIVITY DIAGRAM:

22

Activity diagrams are graphical representations of workflows of stepwise activities and actions
with support for choice, iteration and concurrency. In the Unified Modeling Language, activity
diagrams can be used to describe the business and operational step-by-step workflows of
components in a system. An activity diagram shows the overall flow of control.

4.2.4.1 Activity diagram

4.2.5

STATECHART DIAGRAM:

23

A state diagram resembles a flowchart in which the initial state is represented by a large
black dot and subsequent states are portrayed as boxes with rounded corners. There may be one
or two horizontal lines through a box, dividing it into stacked sections. In that case, the upper
section contains the name of the state, the middle section (if any) contains the state variables and
the lower section contains the actions performed in that state.

4.2.5.1 State chart diagram

4.3 DATA FLOW DIAGRAM:


DFD symbols

24

Square

It defines a source (originator) or destination of system data.

Arrow
It indicates data flow-data in motion. It is a pipeline through which information flows.

Circle or Bubble

It represents a process that transforms incoming data flow(s) to outgoing data flow(s).

Open Rectangle

It is a data store-data at rest, or a temporary repository of data.

25

CLOUD

Group Member

Login

success

Group Signature
Verification

success

Group Manager

error

Login
Login Failed
success

Group Member
Account Activate

error

Signature failed

Group details
File Upload

File Details
File Download

File Delete
File Edit and Save

Account Revoke

End

4.3.1 Data flow diagram

26

error

Login Failed

4.4 DATA DICTIONARY:


4.4.1 MYSQL:
The designers felt that their main goal was to define a SQL interface for Java. Although not
the lowest database interface level possible, it is at a low enough level for higher-level tools and
APIs to be created. Conversely, it is at a high enough level for application programmers to use it
confidently. Attaining this goal allows for future tool vendors to generate JDBC code and to
hide many of JDBCs complexities from the end user.

JDBC must be implemental on top of common database interfaces


The JDBC SQL API must sit on top of other common SQL level APIs. This
goal allows JDBC to use existing ODBC level drivers by the use of a software interface.
This interface would translate JDBC calls to ODBC and vice versa.

Provide a Java interface that is consistent with the rest of the Java system
Because of Javas acceptance in the user community thus far, the designers feel that
they should not stray from the current design of the core Java system.

Keep it simple
This goal probably appears in all software design goal listings. JDBC is no exception.

Sun felt that the design of JDBC should be very simple, allowing for only one method of
completing a task per mechanism. Allowing duplicate functionality only serves to confuse
the users of the API.

Use strong, static typing wherever possible


Strong typing allows for more error checking to be done at compile time; also, less errors

appear at runtime.

Keep the common cases simple


Because more often than not, the usual MYSQL calls used by the programmer are simple

SELECTs, INSERTs, DELETEs and UPDATEs, these queries should be simple to


perform with JDBC. However, more complex MYSQL statements should also be possible.

27

Interpreter

Java
Program

Compilers

My Program

Fig 4.4.1 : Execution of Java Program

CHAPTER- V

28

5. IMPLEMENTATION
5.1

MODULE DESCRIPTION

The following the core modules essential for the project:


5.1.1

Cloud Module

5.1.2

Group Manager Module

5.1.3

Group Member Module

5.1.4

File Security Module

5.1.5

Group Signature Module

5.1.6

User Revocation Module

5.1.1

Cloud Module:

In this module, we create a local Cloud and provide priced abundant storage services. The users
can upload their data in the cloud. We develop this module, where the cloud storage can be made
secure. However, the cloud is not fully trusted by users since the CSPs are very likely to be
outside of the cloud users trusted domain. Similar to we assume that the cloud server is honest
but curious. That is, the cloud server will not maliciously delete or modify user data due to the
protection of data auditing schemes, but will try to learn the content of the stored data and the
identities of cloud users.

5.1.2

Group Manager Module:

Group manager takes charge of followings:


1. System parameters generation
2. User registration
3. User revocation
4. Revealing the real identity of a dispute data owner
Therefore, we assume that the group manager is fully trusted by the other parties. The Group
manager is the admin. The group manager has the logs of each and every process in the cloud.
The group manager is responsible for user registration and also user revocation too.

29

5.1.3

Group Member Module:

Group members are a set of registered users that will


1.

Store their private data into the cloud server and

2.

Share them with others in the group.

Note that, the group membership is dynamically changed, due to the staff resignation and new
employee participation in the company. The group member has the ownership of changing the
files in the group. Whoever in the group can view the files which are uploaded in their group and
also modify it.

5.1.4 File Security Module:


1.

Encrypting the data file.

2.

File stored in the cloud can be deleted by either the group manager or the data owner.

(i.e., the member who uploaded the file into the server).

5.1.5 Group Signature Module:


A group signature scheme allows any member of the group to sign messages while keeping the
identity secret from verifiers. Besides, the designated group manager can reveal the identity of
the signatures originator when a dispute occurs, which is denoted as traceability.

5.1.6 User Revocation Module:


User revocation is performed by the group manager via a public available revocation list (RL),
based on which group members can encrypt their data files and ensure the confidentiality against
the revoked users.

5.2 ALGORITHMS/PRINCIPLE:
5.2.1 Key Generation Algorithm:

30

Symmetric-key algorithms use the same (secret) key to both apply cryptographic
protection to information8 and to remove or verify the protection. Keys used with symmetric-key
algorithms must be known by only the entities authorized to apply, remove or verify the
protection, and are commonly known as secret keys. A secret key is often known by multiple
entities that are said to share or own the secret key, although it is not uncommon for a key to be
generated, owned and used by a single entity (e.g., for secure storage). A secret key shall be
generated by:

One or more of the entities that will share the key.

A Trusted Party that provides the key to the intended sharing entities in a secure manner.

The Trusted Party must be trusted by all entities that will share the key not to disclose the key to
unauthorized parties or otherwise misuse the key.

A symmetric key kpi for each pi P will be selected and the set of keys {kpi }piP will

be sent to the private cloud. An identification protocol II=( proof, verify) is also defined, where
proof and verify are the proof and verification algorithm respectively.

5.2.2 RSA Algorithm:


RSA is an algorithm used by modern computers to encrypt and decrypt messages. It is an
asymmetric cryptographic algorithm. Asymmetric means that there are two different keys. This
is also called public key cryptography, because one of them can be given to everyone.
A user of RSA creates and then publishes a public key based on two large prime numbers, along
with an auxiliary value. The prime numbers must be kept secret. Anyone can use the public key
to encrypt a message, but with currently published methods, if the public key is large enough,
only someone with knowledge of the prime numbers can feasibly decode the message. Breaking
RSA encryption is known as the RSA problem; whether it is as hard as the factoring problem
remains an open question.
RSA is a relatively slow algorithm, and because of this it is less commonly used to directly
encrypt user data. More often, RSA passes encrypted shared keys for symmetric key
cryptography which in turn can perform bulk encryption-decryption operations at much higher
speed.

31

RSA is a cryptosystem for public-key encryption, and is widely used for securing sensitive data,
particularly when being sent over an insecure network such as the Internet.

5.3

SAMPLE CODE:
<!DOCTYPE HTML>
<HTML LANG="EN">
<HEAD>
<TITLE>ANTI-COLLISION_DATA_SHARING</TITLE>

32

<META CHARSET="UTF-8">
<META NAME="DESCRIPTION" CONTENT="YOUR DESCRIPTION">
<META NAME="KEYWORDS" CONTENT="YOUR KEYWORDS">
<META NAME="AUTHOR" CONTENT="YOUR NAME">
<LINK REL="STYLESHEET" HREF="CSS/BOOTSTRAP.CSS">
<LINK REL="STYLESHEET" HREF="CSS/RESPONSIVE.CSS">
<LINK REL="STYLESHEET" HREF="CSS/CAMERA.CSS">
<LINK REL="STYLESHEET" HREF="STYLES.CSS">
<SCRIPT SRC="JS/JQUERY.JS"></SCRIPT>
<SCRIPT SRC="JS/JQUERY-MIGRATE-1.1.1.JS"></SCRIPT>
<SCRIPT SRC="JS/JQUERY.EASING.1.3.JS"></SCRIPT>
<SCRIPT SRC="JS/SUPERFISH.JS"></SCRIPT>
<SCRIPT SRC="JS/JQUERY.MOBILEMENU.JS"></SCRIPT>
<SCRIPT SRC="JS/JQUERY.COOKIE.JS"></SCRIPT>
<SCRIPT SRC="JS/JQUERY.UI.TOTOP.JS"></SCRIPT>
<!-- //////// -->
<SCRIPT SRC="JS/CAMERA.JS"></SCRIPT>
<!--[IF (GT IE 9)|!(IE)]><!-->
<SCRIPT SRC="JS/JQUERY.MOBILE.CUSTOMIZED.MIN.JS"></SCRIPT>
<!--<![ENDIF]-->
<SCRIPT SRC="JS/JQUERY.EQUALHEIGHTS.JS"></SCRIPT>
<!--[IF LT IE 8]>
<DIV STYLE='TEXT-ALIGN:CENTER'><A
HREF="HTTP://WWW.MICROSOFT.COM/WINDOWS/INTERNETEXPLORER/DEFAULT.ASPX?OCID=IE6_COUNTDOWN_BANNERCODE"><IMG
SRC="HTTP://WWW.THEIE6COUNTDOWN.COM/IMG/UPGRADE.JPG"BORDER="0"
ALT=""/></A></DIV>
<![ENDIF]-->
</HEAD>
<!-- -->
<BODY>
<DIV STYLE="HEIGHT: 600PX;BACKGROUND-COLOR: WHITE">
<!-- HEADER -->
<HEADER>
<DIV CLASS="WRAP EXTRABG2">
<DIV CLASS="CONTAINER">

33

<H1 CLASS="BRAND"><A HREF="#" CLASS="LOGO">A SECURE ANTICOLLUSION DATA SHARING SCHEME FOR DYNAMIC GROUPS IN THE
CLOUD</A></H1>
</DIV>
</DIV>
<DIV CLASS="EXTRABG3">
<DIV CLASS="CONTAINER">
<!--MENU-->
<DIV CLASS="NAVBAR">
<DIV CLASS="NAVBAR-INNER">
<DIV CLASS="NAV-COLLAPSE NAV-COLLAPSE_ COLLAPSE"
STYLE="MARGIN-LEFT: 200PX">
<UL CLASS="SF-MENU">
<LI CLASS="ACTIVE"><A HREF="INDEX.HTML"><DIV
CLASS="BASE_TEXT">HOME</DIV><DIV CLASS="OVER"></DIV></A></LI>
<LI><A HREF="GROUPMANAGER.JSP"><DIV
CLASS="BASE_TEXT">GROUP MANAGER</DIV><DIV
CLASS="OVER"></DIV></A></LI>
<LI><A HREF="MEMBER_LOGIN.JSP"><DIV
CLASS="BASE_TEXT">GROUP MEMBERS</DIV><DIV
CLASS="OVER"></DIV></A></LI>
<LI><A HREF="REGISTER.JSP"><DIV
CLASS="BASE_TEXT">MEMBER REGISTER</DIV><DIV
CLASS="OVER"></DIV></A></LI>
</UL>
</DIV>
</DIV>
</DIV>
</DIV>
</DIV>
</HEADER>
<!-- CONTENT -->
<DIV STYLE="WIDTH: 100%; HEIGHT: 500PX;BACKGROUND-IMAGE:
URL('IMG/BANHM.JPG')">
<BR><BR><H2 STYLE="COLOR: WHITE;FONT-FAMILY:
CURSIVE">ABSTRACT: </H2>
<P STYLE="COLOR: WHITE;TEXT-ALIGN: JUSTIFY;PADDING: 20PX;FONTFAMILY: CURSIVE; FONT-SIZE: 15PX">BENEFITED FROM CLOUD COMPUTING,
USERS CAN ACHIEVE AN EFFECTIVE AND

34

ECONOMICAL APPROACH FOR DATA SHARING AMONG GROUP


MEMBERS IN THE CLOUD
WITH THE CHARACTERS OF LOW MAINTENANCE AND LITTLE
MANAGEMENT COST. MEANWHILE,
WE MUST PROVIDE SECURITY GUARANTEES FOR THE SHARING DATA
FILES SINCE THEY ARE
OUT-SOURCED. UNFORTUNATELY, BECAUSE OF THE FREQUENT CHANGE
OF THE MEMBERSHIP,
SHARING DATA WHILE PROVIDING PRIVACY-PRESERVING IS STILL A
CHALLENGING ISSUE,
ESPECIALLY FOR AN UNTRUSTED CLOUD DUE TO THE COLLUSION
ATTACK. MOREOVER, FOR
EXISTING SCHEMES, THE SECURITY OF KEY DISTRIBUTION IS BASED ON
THE SECURE
COMMUNICATION CHANNEL, HOWEVER, TO HAVE SUCH CHANNEL IS A
STRONG ASSUMPTION AND
IS DIFFICULT FOR PRACTICE. IN THIS PAPER, WE PROPOSE A SECURE
DATA SHARING SCHEME
FOR DYNAMIC MEMBERS. FIRSTLY, WE PROPOSE A SECURE WAY FOR
KEY DISTRIBUTION WITHOUT
ANY SECURE COMMUNICATION CHANNELS, AND THE USERS CAN
SECURELY OBTAIN THEIR PRIVATE
KEYS FROM GROUP MANAGER. SECONDLY, OUR SCHEME CAN ACHIEVE
FINE-GRAINED ACCESS CONTROL,
ANY USER IN THE GROUP CAN USE THE SOURCE IN THE CLOUD AND
REVOKED USERS CANNOT ACCESS
THE CLOUD AGAIN AFTER THEY ARE REVOKED. THIRDLY, WE CAN
PROTECT THE SCHEME FROM COLLUSION
ATTACK, WHICH MEANS THAT REVOKED USERS CANNOT GET THE
ORIGINAL DATA FILE EVEN IF THEY CONSPIRE
WITH THE UNTRUSTED CLOUD. IN OUR APPROACH, BY LEVERAGING
POLYNOMIAL FUNCTION, WE CAN ACHIEVE A
SECURE USER REVOCATION SCHEME. FINALLY, OUR SCHEME CAN
ACHIEVE FINE EFFICIENCY, WHICH MEANS PREVIOUS
USERS NEED NOT TO UPDATE THEIR PRIVATE KEYS FOR THE SITUATION
EITHER A NEW USER JOINS IN THE GROUP OR
A USER IS REVOKED FROM THE GROUP.</P>

35

</DIV>
</DIV>

CHAPTER- VI
6. TESTING
6.1

IMPORTANCE OF TESTING:
The purpose of testing is to discover errors. Testing is the process of trying to discover

every conceivable fault or weakness in a work product. It provides a way to check the
functionality of components, sub assemblies, assemblies and/or a finished product It is the
process of exercising software with the intent of ensuring that the
Software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of test. Each test type addresses a specific testing
requirement.

36

6.2 TYPES OF TESTS:


6.2.1

Unit Testing:

Unit testing involves the design of test cases that validate that the internal program logic
is functioning properly, and that program input produce valid outputs. All decision branches and
internal code flow should be validated. It is the testing of individual software units of the
application .it is done after the completion of an individual unit before integration. This is a
structural testing, that relies on knowledge of its construction and is invasive. Unit tests perform
basic tests at component level and test a specific business process, application, and/or system
configuration. Unit tests ensure that each unique path of a business process performs accurately
to the documented specifications and contains clearly defined inputs and expected results.

6.2.2

Integration Testing:

Integration tests are designed to test integrated software components to determine if they
actually run as one program. Testing is event driven and is more concerned with the basic
outcome of screens or fields. Integration tests demonstrate that although the components were
individually satisfaction, as shown by successfully unit testing, the combination of components is
correct and consistent. Integration testing is specifically aimed at

exposing the problems that

arise from the combination of components.

6.2.3

Functional Test:

Functional tests provide a systematic demonstrations that functions tested are available as
specified by the business and technical requirements, system documentation, and user manuals.
Functional testing is centered on the following items:
Valid Input

: identified classes of valid input must be accepted.

Invalid Input

: identified classes of invalid input must be rejected.

Functions

: identified functions must be exercised.

Output

: identified classes of application outputs must be exercised.

Systems/Procedures: interfacing systems or procedures must be invoked.

37

Organization and preparation of functional tests is focused on requirements, key


functions, or special test cases. In addition, systematic coverage pertaining to identify
Business process flows; data fields, predefined processes, and successive processes must be
considered for testing. Before functional testing is complete, additional tests are identified and
the effective value of current tests is determined.

6.2.4

System Test:

System testing ensures that the entire integrated software system meets requirements. It tests a
configuration to ensure known and predictable results. An example of system testing is the
configuration oriented system integration test. System testing is based on process descriptions
and flows, emphasizing pre-driven process links and integration points.

6.2.5 White Box Testing:


White Box Testing is a testing in which in which the software tester has knowledge of the
inner workings, structure and language of the software, or at least its purpose. It is purpose. It is
used to test areas that cannot be reached from a black box level.

6.2.6

Black Box Testing:

Black Box Testing is testing the software without any knowledge of the inner workings,
structure or language of the module being tested. Black box tests, as most other kinds of tests,
must be written from a definitive source document, such as specification or requirements
document, such as specification or requirements document. It is a testing in which the software
under test is treated, as a black box .you cannot see into it. The test provides inputs and
responds to outputs without considering how the software works

6.3

TEST CASES:
Test Scenario Home Page Verifying Links:

38

Test
Case
ID #

Test

Test

Descriptio

Steps

TC_1

Links-

case Test data

Expected

Actual

Res

output

output

ult

Remarks

Verificatio
n

1. Open
application
using
browser
2.Groupmanager
Page display

1. Click on 1. Navigates to
Home
Home page.
Page.

1. Home
page is
displayed.

2. Click on
2. Navigates to
Group
Group manager
Manager
page.
tab.

2. Group
manager
page is
displayed.

3. Click on
Group
3. Navigates to
member
Group Member
tab.
page.

3. Group
member
login is
displayed.

4. Click on 4. Navigates to
Registratio User
n page.
Registration
page.

4. User
Registration
page is
displayed

Pas
s

Select each
and every link
on the home
page and
check whether
it navigates to
their
corresponding
valid page or
not.

Fig 6.3.1: Test Scenario Home Page Verifying Links

Test Scenario for Admin Login Page:


Test Case

Test

ID #

Description

TC_2

Group
Manager
Login
page_textfield

Test case
Steps
1. Run the
login page.
2. Enter
Username
and
Password.

Test data

Expected

Actual

output

output

Username Navigates
Group
: xxxx
to Group
Manger
Manager
page is
Password
page.
displayed.
: xxxxx

3. Click on
login
button.

39

Result

Remarks

Pass

If username
and password
is valid then it
navigates to
home page.

Fig 6.3.2: Test Scenario for Admin Login Page

Test Scenario for Private Cloud:


Test Case ID

Test

Description

TC_3

Group
Member
Login

Test case
Steps

Test data

1. Run the
Group
Member
page.

Username
:xxxxxxx
Password
: xxxxx

Expected

Actual

output

output

Navigates
to Group
Member
page.

Group
Member
page is
displayed.

Result

Remarks

Pass

If
username
and
password
is valid
then it
navigates
to home
page.

2. Enter
Username
and
Password.
3. Click
on login
button.
Fig 6.3.3: Test Scenario for Private Cloud

Test Scenario for User Registration:


Test Case

Test

ID #

Description

Test case
Steps

Test data

40

Expected

Actual

Resu

output

output

lt

Remarks

TC_4

User
Register

1. Run the
registration
page.
2. Enter all
the text
fields
marked as
important.
3. Click on
submit
button.

Name :xxxx
Username :
xxxxx
Password :
xxxxx

A text
A text
message is message is
displayed displayed
saying
saying
"Successf "Successf
ul
ul
registratio registratio
n".
n".

Pass

All the
fields that
are
mentioned
are
mandatory.
Filling all
the details
leads to
successful
registration

Signature
sent to
mail

Pass

Signature
sent to mail
to be copied
for user to
get
registered.

Confirm
password :
xxxx
Mail ID :
xxxxx
Phone
Number :
xxxxxxx

TC_5

Verification- 1. Signature
Signature
is sent to
mail for
registration
verification.

Signature

41

Signature
is sent to
mail

Fig 6.3.4: Test Scenario for User Registration

6.4

SCREEN SHOTS:

HOME PAGE

42

Fig: 6.4.1: Home page

MANAGER LOGIN

43

Fig: 6.4.2: Group Manager Login page

GROUP MEMEBER LOGIN

44

Fig: 6.4.3: Group Member Login page

45

GROUP MEMBER REGISTRATION

Fig: 6.4.4: Group Member Registration page

MANAGER HOME PAGE

46

Fig: 6.4.5: Manager Home page

VIEW GROUP PAGE

47

Fig: 6.4.6: Manager View Group Page

VIEW LOG DETAILS PAGE

48

Fig: 6.4.7: Manager View Log Details Page

VIEW FILE DETAILS

49

Fig: 6.4.8: Manager View File Details Page

GROUP MEMBER LOGIN

50

Fig: 6.4.9: Group Member Login page

51

SIGNATURE AUTHENTICATION

Fig: 6.4.10: Signature Authentication page

52

SIGNATURE VERIFICATION

Fig: 6.4.11: Signature Verification page

53

GROUP MEMBER HOME

Fig: 6.4.12: Group Member Home page

FILE UPLOAD

54

Fig: 6.4.13: Group Member File Upload page

FILE DOWNLOAD

55

Fig: 6.4.14: Group Member File Download page

CHAPTER- VII
7. CONCLUSION AND FUTURE SCOPE

56

In this paper, we design a secure anti-collusion data sharing scheme for dynamic groups in the
cloud. In our scheme, the users scan securely obtain their private keys from group manager
Certificate Authorities and secure communication channels. Also, our scheme is able to support
dynamic groups efficiently, when a new user joins in the group or a user is revoked from the
group, the private keys of the other users do not need to be recomputed and updated. Moreover,
our scheme can achieve secure user revocation, the revoked users can not be able to get the
original data files once they are revoked even if they conspire with the untrusted cloud.

CHAPTER- VIII
8. BIBLIOGRAPHY

57

[1] M.Armbrust, A.Fox, R.Griffith, A.D.Joseph, R.Katz,A.Konwinski, G. Lee, D.Patterson,


A.Rabkin, I.Stoica, andM.Zaharia. A View of Cloud Computing,Comm. ACM, vol. 53,no.4,
pp.50-58, Apr.2010.
[2] S.Kamara and K.Lauter,Cryptographic Cloud Storage, Proc.Intl Conf.
Financial Cryptography and Data Security (FC), pp.136-149, Jan. 2010.
[3] M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang, and K.Fu,Plutus: Scalable Secure File
Sharing on Untrusted Storage, Proc.USENIX Conf. File and Storage Technologies, pp. 29-42,
2003.
[4] E.Goh, H. Shacham, N. Modadugu, and D. Boneh, Sirius: Securing Remote Untrusted
Storage, Proc. Network and DistributedSystems Security Symp. (NDSS), pp. 131-145, 2003.
[5] G. Ateniese, K. Fu, M. Green, and S. Hohenberger,Improved Proxy

Re-Encryption

Schemes with Applications to Secure Distributed Storage, Proc. Network and Distributed
Systems SecuritySymp. (NDSS), pp. 29-43, 2005.
[6] Shucheng Yu, Cong Wang, Kui Ren, and Weijing Lou, Achieving Secure, Scalable, and
Fine-grained Data Access Control in Cloud Computing, Proc. ACM Symp. Information,
Computer and Comm. Security, pp. 282-292, 2010.
[7] V. Goyal, O. Pandey, A. Sahai, and B. Waters, Attribute-Based Encryption for Fine-Grained
Access Control of Encrypted Data, Proc. ACM Conf. Computer and Comm. Security (CCS),
pp. 89-98, 2006
[8] R. Lu, X. Lin, X. Liang, and X. Shen, Secure Provenance: The Essential of Bread and Butter
of Data Forensics in Cloud Computing, Proc. ACM Symp. Information, Computer and Comm.
Security, pp. 282-292, 2010.

58

[9] B. Waters, Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and


Provably Secure Realization, Proc. Intl Conf. Practice and Theory in Public Key Cryptography
Conf. Public Key Cryptography, http://eprint.iacr.org/2008/290.pdf, 2008
[10] Xuefeng Liu, Yuqing Zhang, Boyang Wang, and Jingbo Yang, Mona: Secure Multi-Owner
Data Sharing for Dynamic Groups in the Cloud, IEEE Transactions on Parallel and Distributed
Systems, vol. 24, no. 6, pp. 1182-1191, June 2013.
[11] D.Boneh, X. Boyen, and E. Goh, Hierarchical IdentityBasedEncryption with Constant Size
Ciphertext, Proc. Ann. Intl Conf.Theory and Applications of Cryptographic Techniques
(EUROCRYPT),pp. 440-456, 2005.
[12] C. Delerablee, P. Paillier, and D. Pointcheval, FullyCollusionSecure Dynamic Broadcast
Encryption with Constant-SizeCi-phertexts or Decryption Keys, Proc.First Intl Conf. PairingBasedCryptography, pp. 39-59, 2007.
[13] Zhongma Zhu, Zemin Jiang, Rui Jiang, The Attack on Mona: Secure Multi-Owner Data
Sharing for Dynamic Groups in the Cloud,Proceedings of2013 International Conference on
Information Science and Cloud Computing (ISCC 2013 ), Guangzhou,Dec.7,2013,pp. 185-189.
[14] Lan Zhou, Vijay Varadharajan, and Michael Hitchens, Achieving Secure Role-Based
Access Control on Encrypted Data in Cloud Storage,IEEE Transactions on Information
Forensics and Security, vol. 8, no. 12, pp. 1947-1960, December 2013.
[15]Xukai Zou, Yuan-shunDai, and ElisaBertino, A practical and flexible keymanagement
mechanism for trusted collaborative computing,INFOCOM 2008, pp. 1211-1219.
[16] M. Nabeel, N. Shang, and E. Bertino, Privacy preserving policybased content sharing in
public clouds,IEEE Trans. on Know. andData Eng., vol. 25, no. 11, pp. 2602-2614, 2013.

59

[17] Dolev,D.,Yao A. C.,"On the security of public key protocols",IEEE trans. on Information
Theory,vol. IT-29, no. 2, pp.198208, 1983

[18] BonehDan, FranklinMatt, Identity-based encryption from the weil pairing

[19] B. den Boer,DiffieHellman is as strong as discrete log for certain primesin Advances in
CryptologyCRYPTO88, Lecture Notes in Computer Science 403, Springer, p.530, 1988.

[20] D. Boneh, X. Boyen, H. shacham, Short group signature, Proc. Intl Cryptology Conf.
Advances in Cryptology, pp.41-55, 2004.

[21] D. Boneh, X. Boyen, and E. Goh, Hierarchical IdentityBasedEncryption withConstant Size


Ciphertext, Proc. Ann. Intl Conf.Theory and Applications of Cryptographic Functions

60