Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
ABSTRACT
With the popularity of cloud computing, there have been increasing concerns aboutits
security and privacy. Since the cloud computing environment is distributed and
untrusted, data owners have to encrypt outsourced data to enforce confidentiality.
Therefore, how to achieve practicable access control of encrypted data in an untrusted
environment is an urgent issue that needsto be solved. Attribute-Based Encryption
(ABE) is a promising scheme suitable for access control in cloud storage systems.
This paper proposes a hierarchical attribute-based access control scheme with
constant-size ciphertext. The scheme is efficient because the length of ciphertext and
the number of bilinear pairing evaluations to a constantare fixed. Its computation cost
in encryptionand decryption algorithms is low. Moreover, the hierarchical
authorization structure of our scheme reduces the burden and risk of asingle authority
scenario. We prove the scheme is of CCA2 security under the decisional q-Bilinear
Diffie-Hellman Exponent assumption. In addition, we implement our scheme and
analyseits performance. The analysis results show the proposed scheme is efficient,
scalable, and fine-grained in dealing with access control for outsourced data in cloud
computing.
CHAPTER 1
INTRODUCTION
For example, a cloud computer facility that serves European users during
European business hours with a specific application (e.g., email) may reallocate the
same resources to serve North American users during North America's business hours
with a different application (e.g., a web server). This approach should maximize the
use of computing power thus reducing environmental damage as well since less
power, air conditioning, rack space, etc. are required for a variety of functions. With
cloud computing, multiple users can access a single server to retrieve and update their
data without purchasing licenses for different applications.
The term "moving to cloud" also refers to an organization moving away from a
traditional CAPEX model (buy the dedicated hardware and depreciate it over a period
of time) to the OPEX model (use a shared cloud infrastructure and pay as one uses it).
Proponents claim that cloud computing allows companies to avoid upfront
infrastructure costs, and focus on projects that differentiate their businesses instead of
on infrastructure.
Proponents also claim that cloud computing allows enterprises to get their
applications up and running faster, with improved manageability and less
maintenance, and enables IT to more rapidly adjust resources to meet fluctuating and
unpredictable business demand. Cloud providers typically use a "pay as you go"
model. This can lead to unexpectedly high charges if administrators do not adapt to
the cloud pricing model.
POR and PDP are originally proposed for the single-server case. MR-PDP and
HAIL extend integrity checks to a multiserver setting using replication and erasure
coding, respectively. In particular, erasure coding has a lower storage overhead than
replication under the same fault tolerance level.
1.2 CHARACTERISTICS:
Cloud computing exhibits the following key characteristics:
Device and location independence enable users to access systems using a web
browser regardless of their location or what device they use (e.g., PC, mobile phone).
As infrastructure is off-site (typically provided by a third-party) and accessed via the
Internet, users can connect from anywhere.
Productivity may be increased when multiple users can work on the same data
simultaneously, rather than waiting for it to be saved and emailed. Time may be saved
as information does not need to be re-entered when fields are matched, nor do users
need to install application software upgrades to their computer.
Reliability improves with the use of multiple redundant sites, which makes
well-designed cloud computing suitable for business continuity and disaster recovery.
In the most basic cloud-service model - and according to the IETF (Internet
Engineering Task Force) - providers of IaaS offer computers physical or (more
often) virtual machines and other resources. IaaS refers to online services that
abstract user from the detail of infrastucture like physical computing resources,
location, data partitioning, scaling, security, backup etc. Ahypervisor, such
as Xen, Oracle VirtualBox, KVM, VMware ESX/ESXi, or Hyper-V runs the virtual
machines as guests.
Pools of hypervisors within the cloud operational system can support large
numbers of virtual machines and the ability to scale services up and down according
to customers' varying requirements. IaaS clouds often offer additional resources such
as a virtual-machine disk-image library, raw block storage, file or object storage,
firewalls, load balancers, IP addresses, virtual local area networks (VLANs), and
software bundles. IaaS-cloud providers supply these resources on-demand from their
large pools of equipment installed in data centers. For wide-area connectivity,
customers can use either the Internet or carrier clouds.
With some PaaS offers like Microsoft Azure and Google App Engine, the
underlying computer and storage resources scale automatically to match application
demand so that the cloud user does not have to allocate resources manually. The
latter has also been proposed by an architecture aiming to facilitate real-time in cloud
environments. Even more specific application types can be provided via PaaS, such as
media encoding as provided by services.
In the SaaS model, cloud providers install and operate application software in
the cloud and cloud users access the software from cloud clients. Cloud users do not
manage the cloud infrastructure and platform where the application runs. This
eliminates the need to install and run the application on the cloud user's own
computers, which simplifies maintenance and support.
The pricing model for SaaS applications is typically a monthly or yearly flat
fee per user, so prices become scalable and adjustable if users are added or removed at
any point. Proponents claim that SaaS gives a business the potential to reduce IT
operational costs by outsourcing hardware and software maintenance and support to
the cloud provider. This enables the business to reallocate IT operations costs away
from hardware/software spending and from personnel expenses, towards meeting
other goals. In addition, with applications hosted centrally, updates can be released
without the need for users to install new software. One drawback of SaaS comes with
storing the users' data on the cloud provider's server. As a result, there could be
unauthorized access to the data. For this reason, users are increasingly adopting
intelligent third-party key-management systems to help secure their data.
A cloud is called a "public cloud" when the services are rendered over a
network that is open for public use. Public cloud services may be free. Technically
there may be little or no difference between public and private cloud architecture,
however, security consideration may be substantially different for services
(applications, storage, and other resources) that are made available by a service
provider for a public audience and when communication is effected over a non-trusted
network.
Generally, public cloud service providers like Amazon AWS, Microsoft and
Google own and operate the infrastructure at their data center and access is generally
via the Internet. AWS and Microsoft also offer direct connect services called "AWS
Direct Connect" and "Azure ExpressRoute" respectively, such connections require
customers to purchase or lease a private connection to a peering point offered by the
cloud provider.
Varied use cases for hybrid cloud composition exist. For example, an
organization may store sensitive client data in house on a private cloud application,
but interconnect that application to a business intelligence application provided on a
public cloud as a software service. This example of hybrid cloud extends the
capabilities of the enterprise to deliver a specific business service through the addition
of externally available public cloud services. Hybrid cloud adoption depends on a
number of factors such as data security and compliance requirements, level of control
needed over data, and the applications an organization uses.
1.5 ARCHITECTURE
SYSTEM ANALYSIS
The cloud computing paradigm brings many benefits, there are many
unavoidable security problems caused by its inherent characteristics such as the
dynamic complexity of the cloud computing environment, the openness of the cloud
platform and the high concentra-tion of resources. One of the important problems is
how to ensure the security of user data. Security problems, such as data security and
privacy protection in cloud computing,have become serious obstacles which, if not
appropriately addressed. Secure sharing of data plays an important role in cloud
computing. Attribute-based access control can real-ize data confidentiality in the
untrusted environment of server-end, fine-grained access control and large-scale
dynamic authorization which are the difficult problems tosolvethe traditional access
control.
IMPLEMENTATION
3.1 MODULES:
A module is a part of a program. Programs are composed of one or more
independently developed modules that are not combined until the program
is linked. A single module can contain one or several routines.
1) User
2) Admin
3) Root Authority
4) CSP
CHAPTER 4
LITERATURE SURVEY
4.1 OVERVIEW:
ABSTRACT
Key revocation is critical for the practicality of any public key cryptosystem and
identity based encryption (IBE) system. When a users private key is
compromised, it is important for him/her to revoke his/her key. Up to now, little
work has been published on key revocation in IBE systems. We propose a low-
complexity key update technique to solve the revocation problem in an IBE
system in which any revoked user is able to re-join the system without changing
his or her identity or re-setup the system.
ALGORITHM:
ABSTRACT
With rapid development of cloud computing, more and more enterprises will
outsource their sensitive data for sharing in a cloud. To keep the shared data
confidential against untrusted cloud service providers (CSPs), a natural way is
to store only the encrypted data in a cloud. The key problems of this approach
include establishing access control for the encrypted data, and revoking the
access rights from users when they are no longer authorized to access the
encrypted data. This paper aims to solve both problems. First, we propose a
hierarchical attribute-based encryption scheme (HABE) by combining a
hierarchical identity-based encryption (HIBE) system and a ciphertext-policy
attribute-based encryption (CP-ABE) system, so as to provide not only fine-
grained access control, but also full delegation and high performance. Then, we
propose a scalable revocation scheme by applying proxy re-encryption (PRE)
and lazy re-encryption (LRE) to the HABE scheme, so as to efficiently revoke
access rights from users.
In PKC 2010, Herranz et al. proposed the first ciphertext policy attribute-based
encryption (CP-ABE) scheme with constant size ciphertexts for threshold
predicates. However, their scheme was only secure against chosen plaintext
attacks (CPA), which was impossible to obtain security against chosen
ciphertext attacks (CCA) in the standard model, and they left open the following
three problems for CP-ABE schemes with constant size ciphertexts, i.e., how to
achieve full security (i.e., not only the selective security), CCA security in the
standard model, and security reduction to a more standard mathematical
problem. In this paper, we answer the last two of these three problems
affirmatively. Towards our goal, we first design a CPA secure threshold CP-
ABE scheme, which can be further upgraded to the CCA security. The security
of our schemes can be proved under the decisional q-Bilinear Diffie-Hellman
Exponent (q-BDHE) assumption in the selective model. To the best of our
knowledge, this is the first construction of CCA secure CP-ABE scheme with
constant size ciphertexts that can support flexible threshold access structure in
the standard model.
CHAPTER 5
5.1 METHODOLOGY
CP-ABE access control scheme with constant-size ciphertext and discuss the
algorithmsin detailfor our scheme. This scheme can fix the size of ciphertext
and the Whereas encryption schemes withstanding passive chosenplaintext
attacks CPA) can be constructed based on a variety of computational
assumptions, only few assumptions are known to imply the existence of
encryption schemes withstanding adaptive chosen-ciphertext attacks (CCA2).
Towards addressing this asymmetry, we consider a weakening of the CCA2
model bounded CCA2-security wherein security needs only hold against
adversaries that make an a-priori bounded number of queries to the decryption
oracle. Regarding this notion we show (without any further assumptions):
OJECTIVE
The proposed scheme adopts CP-ABE with constant cipher text size and
maintains the size of cipher text and the computation of bilinear pairing at a
constant value, which improves the efficiency of the system and reduces the
extra overhead of space storage, data transmission and computation. Second, we
design a hierarchical access control system. This system supports inheritance of
authorization that reduces the burden and risk in the case of single authority.
Finally, we prove
MOTIVATION:
SYSTEM SPECIFICATION
SOFTWARE ENVIRONMENT
.NET Framework
The Microsoft .NET Framework (pronounced dot net) is a software
framework developed by Microsoft that runs primarily on Microsoft Windows. It
includes a large class library known as Framework Class Library (FCL) and
provides language interoperability (each language can use code written in other
languages) across several programming languages. Programs written for .NET
Framework execute in a software environment (as contrasted
to hardware environment), known as Common Language Runtime (CLR),
an application virtual machine that provides services such as security, memory
management, and exception handling. FCL and CLR together constitute .NET
Framework.
.NET Framework family also includes two versions for mobile or embedded
device use. A reduced version of the framework, .NET Compact Framework, is
available on Windows CE platforms, including Windows Mobile devices such
as smartphones. Additionally, .NET Micro Framework is targeted at severely
resource-constrained devices.
ARCHITECTURE
For computer programs to run on CLI, they need to be compiled into Common
Intermediate Language (CIL) as opposed to being compiled into machine code.
Upon execution, an architecture-specific Just-in-time compiler (JIT) turns the CIL
code into machine code. To improve performance, however, .NET Framework comes
with Native Image Generator (NGEN) that performs ahead-of-time compilation.
Figure 2: visual overview of the common language infrastructure (CLI)
CLASS LIBRARY
.NET Framework includes a set of standard class libraries. The class library is
organized in a hierarchy of namespaces. Most of the built-in APIs are part of
either System.* or Microsoft.* namespaces. These class libraries implement a large
number of common functions, such as file reading and writing, graphic rendering,
database interaction, and XML document manipulation, among others. .NET class
libraries are available to all CLI compliant languages. .NET Framework class library
is divided into two parts: Framework Class Library (FCL) and Base Class
Library (BCL).
.NET CORE
.NET Core is a free and open-source partial implementation of the .NET
Framework. It consists of CoreCLR and CoreFX, which are partial forks of CLR and
BCL respectively.NET Core comes with an improved JIT compiler, called RyuJIT.
ASSEMBLIES
Compiled CIL code is stored in CLI assemblies. As mandated by the
specification, assemblies are stored in Portable Executable (PE) file format, common
on Windows platform for all DLL and EXE files. Each assembly consists of one
or more files, one of which must contain a manifest bearing the metadata for the
assembly. The complete name of an assembly (not to be confused with the file name
on disk) contains its simple text name, version number, culture, and public key token.
Assemblies are considered equivalent if they share the same complete name,
excluding the revision of the version number. A private key can also be used by the
creator of the assembly for strong naming. The public key token identifies which
private key an assembly is signed with. Only the creator of the keypair (typically
.NET developer signing the assembly) can sign assemblies that have the same strong
name as a previous version assembly, since the creator is in possession of the private
key. Strong naming is required to add assemblies to Global Assembly Cache.
DESIGN TENETS
LANGUAGE INDEPENDENCE
.NET Framework introduces a Common Type System (CTS) that defines all
possible datatypes and programming constructs supported by CLR and how they may
or may not interact with each other conforming to CLI specification. Because of this
feature, .NET Framework supports the exchange of types and object instances
between libraries and applications written using any conforming .NET language.
PORTABILITY
While Microsoft has never implemented the full framework on any system
except Microsoft Windows, it has engineered the framework to be platform-
agnostic, and cross-platform implementations are available for other operating
systems. Microsoft submitted the specifications for CLI (which includes the core class
libraries, CTS, and CIL), and C++/CLI to both ECMA and ISO, making them
available as official standards. This makes it possible for third parties to create
compatible implementations of the framework and its languages on other platforms.
SECURITY
.NET Framework has its own security mechanism with two general
features: Code Access Security (CAS), and validation and verification. CAS is based
on evidence that is associated with a specific assembly. Typically the evidence is the
source of the assembly (whether it is installed on the local machine or has been
downloaded from the intranet or Internet). CAS uses evidence to determine the
permissions granted to the code. Other code can demand that calling code be granted a
specified permission. The demand causes CLR to perform a call stack walk: every
assembly of each method in the call stack is checked for the required permission; if
any assembly is not granted the permission a security exception is thrown.
MEMORY MANAGEMENT
CLR frees the developer from the burden of managing memory (allocating and
freeing up when done); it handles memory management itself by detecting when
memory can be safely freed. Instantiations of .NET types (objects) are allocated from
the managed heap; a pool of memory managed by CLR. As long as there exists a
reference to an object, which might be either a direct reference to an object or via
a graph of objects, the object is considered to be in use. When there is no reference to
an object, and it cannot be reached or used, it becomes garbage, eligible for collection.
.NET Framework includes a garbage collector which runs periodically, on a
separate thread from the application's thread, that enumerates all the unusable objects
and reclaims the memory allocated to them and this is more effcient then the java.
SIMPLIFIED DEPLOYMENT
.NET Framework includes design features and tools which help manage the
installation of computer software to ensure that it does not interfere with previously
installed software, and that it conforms to security requirements.
Features Of . Net:
.NET is also the collective name given to various software components built
upon the .NET platform. These will be both products (Visual Studio.NET and
Windows.NET Server, for instance) and services (like Passport, .NET My Services,
and so on).
Managed Code:
The code that targets .NET, and which contains certain extra Information-
metadata - to describe itself. Whilst both managed and unmanaged code can run in
the runtime, only managed code contains the information that allows the CLR to
guarantee, for instance, safe execution and interoperability.
Managed Data
The CLR uses something called the Common Type System (CTS) to strictly
enforce type-safety. This ensures that all classes are compatible with each other, by
describing types in a common way. CTS define how types work within the runtime,
which enables types in one language to interoperate with types in another language,
including cross-language exception handling. As well as ensuring that types are only
used in appropriate ways, the runtime also ensures that code doesnt attempt to access
memory that hasnt been allocated to it.
Common Language Specification
OVERLOADING
HISTORY:
GENESIS
Prior to version 7.0 the code base for MS SQL Server was sold by Sybase SQL
Server to Microsoft, and was Microsoft's entry to the enterprise-level database market,
competing against Oracle, IBM, and, later, Sybase. Microsoft, Sybase and Ashton-
Tate originally worked together to create and market the first version named SQL
Server 1.0 for OS/2 (about 1989) which was essentially the same as Sybase SQL
Server 3.0 on Unix,VMS, etc.
Since the release of SQL Server 2000, advances have been made in performance, the
client IDE tools, and several complementary systems that are packaged with SQL
Server 2005. These include:
The OLAP Services feature available in SQL Server version 7.0 is now called
SQL Server 2000 Analysis Services. The term OLAP Services has been replaced with
the term Analysis Services. Analysis Services also includes a new data mining
component. The Repository component available in SQL Server version 7.0 is now
called Microsoft SQL Server 2000 Meta Data Services. References to the component
now use the term Meta Data Services. The term repository is used only in reference to
the repository engine within Meta Data Services
They are,
1. TABLE
2. QUERY
3. FORM
4. REPORT
5. MACRO
TABLE:
VIEWS OF TABLE:
1. Design View
2. Datasheet View
Design View
To build or modify the structure of a table we work in the table design view.
We can specify what kind of data will be hold.
Datasheet View
To add, edit or analyses the data itself we work in tables datasheet view mode.
QUERY:
A query is a question that has to be asked the data. Access gathers data that
answers the question from one or more table. The data that make up the answer is
either dynaset (if you edit it) or a snapshot (it cannot be edited).Each time we run
query, we get latest information in the dynaset. Access either displays the dynaset or
snapshot for us to view or perform an action on it, such as deleting or updating.
CHAPTER 8
INPUT DESIGN
The input design is the link between the information system and the user. It
comprises the developing specification and procedures for data preparation and
those steps are necessary to put transaction data in to a usable form for
processing can be achieved by inspecting the computer to read data from a
written or printed document or it can occur by having people keying the data
directly into the system. The design of input focuses on controlling the amount
of input required, controlling the errors, avoiding delay, avoiding extra steps
and keeping the process simple. The input is designed in such a way so that it
provides security and ease of use with retaining the privacy. Input Design
considered the following things:
OBJECTIVES
3.When the data is entered it will check for its validity. Data can be entered with
the help of screens. Appropriate messages are provided as when needed so that
the user
will not be in maize of instant. Thus the objective of input design is to create an
input layout that is easy to follow
OUTPUT DESIGN
A quality output is one, which meets the requirements of the end user and
presents the information clearly. In any system results of processing are
communicated to the users and to other system through outputs. In output
design it is determined how the information is to be displaced for immediate
need and also the hard copy output. It is the most important and direct source
information to the user. Efficient and intelligent output design improves the
systems relationship to help user decision-making.
SYSTEM DESIGN
ARCHITECTURE:
In UML there are five diagrams available to model dynamic nature and use
case diagram is one of them. Now as we have to discuss that the use case diagram is
dynamic in nature there should be some internal or external factors for making the
interaction. These internal and external agents are known as actors. So use case
diagrams are consists of actors, use cases and their relationships.
Dataowner
Login
view file
domain
user
upload file
decrypt key
rootauthority
view authorised
csp
register
register
login
login
login
login
login
upload file
view file
view file
upload file
search key
download file
view graph
9.4 ACTIVITY DIAGRAM:
Analysis graph
vie secret key view request view
\view file transaction
search file
view upload file
logout
SYSTEM STUDY
FEASIBILITY STUDY:
Economical feasibility
Technical feasibility
Social feasibility
ECONOMICAL FEASIBILITY:
This study is carried out to check the economic impact that the system
will have on the organization. The amount of fund that the company can pour
into the research and development of the system is limited. The expenditures
must be justified. Thus the developed system as well within the budget and this
was achieved because most of the technologies used are freely available. Only
the customized products had to be purchased.
TECHNICAL FEASIBILITY:
This study is carried out to check the technical feasibility, that is, the
technical requirements of the system. Any system developed must not have a
high demand on the available technical resources. This will lead to high
demands on the available technical resources. This will lead to high demands
being placed on the client. The developed system must have a modest
requirement, as only minimal or null changes are required for implementing this
system.
SOCIAL FEASIBILITY:
CHAPTER 11
SYSTEM TESTING
TYPES OF TESTS:
Testing is the process of trying to discover every conceivable fault or
weakness in a work product. The different type of testing are given below:
UNIT TESTING:
Unit testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program inputs produce valid
outputs. All decision branches and internal code flow should be validated. It is
the testing of individual software units of the application .it is done after the
completion of an individual unit before integration.
INTEGRATION TESTING:
Integration tests are designed to test integrated software components to
determine if they actually run as one program. Testing is event driven and is
more concerned with the basic outcome of screens or fields. Integration tests
demonstrate that although the components were individually satisfaction, as
shown by successfully unit testing, the combination of components is correct
and consistent. Integration testing is specifically aimed at exposing the
problems that arise from the combination of components.
FUNCTIONAL TEST:
Functional tests provide systematic demonstrations that functions tested are
available as specified by the business and technical requirements, system
documentation, and user manuals.
Functional testing is centered on the following items:
SYSTEM TEST:
System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable results.
An example of system testing is the configuration oriented system integration
test. System testing is based on process descriptions and flows, emphasizing
pre-driven process links and integration points.
INTEGRATION TESTING:
Software integration testing is the incremental integration testing of two
or more integrated software components on a single platform to produce failures
caused by interface defects.
The task of the integration test is to check that components or software
applications, e.g. components in a software system or one step up software
applications at the company level interact without error.
Test Results: All the test cases mentioned above passed successfully. No
defects encountered.
ACCEPTANCE TESTING:
User Acceptance Testing is a critical phase of any project and requires
significant participation by the end user. It also ensures that the system meets
the functional requirements.
Test Results: All the test cases mentioned above passed successfully. No
defects encountered
CHAPTER 12
FUTURE WORK
CHAPTER 13
SOURCE CODE
USERLOGIN
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
SqlDataAdapter da;
DataSet ds;
protected void Page_Load(object sender, EventArgs e)
TextBox3.Focus();
if (con.State == ConnectionState.Closed)
con.Open();
int n = Convert.ToInt32(da.SelectCommand.ExecuteScalar());
if (n == 1)
ds = new DataSet();
da.Fill(ds, "UserRegister");
Session.Add("uid", ds.Tables["UserRegister"].Rows[0][0].ToString());
//Session["uid"] = uid;
Session["Nname"] = TextBox3.Text;
Response.Redirect("userlink.aspx");
else
else
TextBox3.Text = "";
Response.Redirect("userregister.aspx");
}
USER REGISTER
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
id = cs.idgeneration();
Label12.Text = Convert.ToString(id);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
//Label8.Text = "";
TextBox2.Text = "";
TextBox3.Text = "";
TextBox4.Text = "";
TextBox5.Text = "";
TextBox6.Text = "";
TextBox7.Text = "";
TextBox8.Text = "";
//TextBox9.Text = "";
//DropDownList1.Text = "";
//Response.Redirect("home.aspx");
USERDETAILS
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.Collections.Generic;
using System.Data.OleDb;
using System.Web.SessionState;
int id = Convert.ToInt32(GridView2.DataKeys[gvrow.RowIndex].Value.ToString());
{
using (SqlCommand cmd = new
SqlCommand(ConfigurationManager.AppSettings["ConnectionString"]))
cmd.Parameters.AddWithValue("@id", id);
cmd.Connection = con;
con.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
Response.ContentType = dr["FileType"].ToString();
Response.AddHeader("Content-Disposition", "attachment;filename=\"" +
dr["fileName"] + "\" ");
Response.BinaryWrite((byte[])dr["fileData"]);
Response.End();
}
SEARCH
using System;
using System.Collections.Generic;
using System.Linq;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.IO;
using System.Net;
using System.Net.Mail;
{
protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
if (TextBox1.Text != null)
try
da.Fill(ds);
if (ds.Tables[0].Rows.Count <= 0)
Label10.Visible = false;
GridView2.DataSource = ds;
GridView2.DataBind();
Label10.Visible = false;
int id = Convert.ToInt32(GridView2.DataKeys[gvrow.RowIndex].Value.ToString());
{
using (SqlCommand cmd = new
SqlCommand(ConfigurationManager.AppSettings["ConnectionString"]))
cmd.Parameters.AddWithValue("@id", id);
cmd.Connection = con;
con.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
Response.ContentType = dr["FileType"].ToString();
Response.AddHeader("Content-Disposition", "attachment;filename=\"" +
dr["FileName"] + "\" ");
Response.BinaryWrite((byte[])dr["FileData"]);
Response.End();
}
OWNERLOGIN
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.IO;
using System.Net;
using System.Net.Mail;
if (TextBox1.Text == "")
else
if (TextBox2.Text == "")
else
{
adp.Fill(ds);
name = ds.Tables[0].Rows[i]["Username"].ToString();
pass = ds.Tables[0].Rows[i]["Password"].ToString();
yes = "yes";
if (yes == "yes")
Session["OwnerName"] = TextBox1.Text;
//Response.Redirect("fileupload.aspx");
Response.Redirect("ownerlink.aspx");
//Panel2.Visible = true;
//onClick="genericPopup(this.href,300,300,no)"
//Response.Write("<script>window.close()</script>");
}
else
Response.Redirect("ownerreg.aspx");
OWNERREGISTER
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
int id;
id = cs.idgeneration1();
Label8.Text = Convert.ToString(id);
con.Open();
SqlCommand cmd = new SqlCommand("insert into OwnerRegister values('" +
Label8.Text + "','" + TextBox1.Text + "','" + TextBox2.Text + "','" + TextBox7.Text + "','" +
TextBox8.Text + "','" + TextBox9.Text + "','" + TextBox10.Text + "','" +
DropDownList2.Text + "')", con);
cmd.ExecuteNonQuery();
con.Close();
Label8.Text = "";
TextBox1.Text = "";
TextBox2.Text = "";
TextBox7.Text = "";
TextBox8.Text = "";
TextBox9.Text = "";
TextBox10.Text = "";
DropDownList2.Text = "";
//Response.Redirect("home.aspx");
UPLOADKEY
using System;
using System.Collections.Generic;
using System.Linq;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.IO;
using System.Net;
using System.Net.Mail;
{
using (SqlConnection Con = new
SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]))
try
Con.Open();
if (dr1.Read())
//lblmsg.Visible = true;
else
//INSERT TO TABLE
if (filename == "")
// lblmsg.Visible = true;
else
//message = Convert.ToString(rno);
//upload count
// {
//return false;
// }
// {
//return false;
// }
//return true; // Good to go
//}
cmd.Parameters.AddWithValue("@id", TextBox3.Text);
cmd.Parameters.AddWithValue("@title", TextBox2.Text);
//cmd.Parameters.AddWithValue("@filetitle", DropDownList1.Text);
//cmd.Parameters.AddWithValue("@cash", TextBox2.Text);
//cmd.Parameters.AddWithValue("@title", TextBox3.Text);
cmd.Parameters.AddWithValue("@filename", filename);
cmd.Parameters.AddWithValue("@providerlocation", TextBox1.Text);
cmd.Parameters.AddWithValue("@filetype", "application/word");
cmd.Parameters.AddWithValue("@filedata", size);
//cmd.Parameters.AddWithValue("@count", count);
//cmd.Parameters.AddWithValue("@securitykey", TextBox2.Text);
cmd.Connection = con;
con.Open();
cmd.ExecuteNonQuery();
con.Close();
Label7.Visible = true;
dr1.Close();
Label7.Visible = true;
finally
Con.Close();
// Response.Redirect("download.aspx");
REQUESTKEY
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
Session["FILENAME"] = DropDownList1.Text;
Session["USERNAME"] = TextBox1.Text;
DOMAINLOGIN
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.IO;
using System.Net;
using System.Net.Mail;
{
}
if (TextBox8.Text == "")
else
if (TextBox9.Text == "")
else
name = ds.Tables[0].Rows[i]["Username"].ToString();
pass = ds.Tables[0].Rows[i]["Password"].ToString();
yes = "yes";
if (yes == "yes")
Session["DomainName"] = TextBox8.Text;
//Response.Redirect("fileupload.aspx");
Response.Redirect("domainlink.aspx");
//Panel2.Visible = true;
//onClick="genericPopup(this.href,300,300,no)"
//Response.Write("<script>window.close()</script>");
else
Response.Redirect("domainreg.aspx");
DOMAIN REGISTER
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
//int id;
con.Open();
cmd.ExecuteNonQuery();
con.Close();
//Label8.Text = "";
TextBox1.Text = "";
TextBox2.Text = "";
TextBox3.Text = "";
TextBox4.Text = "";
TextBox5.Text = "";
TextBox6.Text = "";
TextBox7.Text = "";
//DropDownList1.Text = "";
//Response.Redirect("home.aspx");
VIEWKEY
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.IO;
using System.Net;
using System.Net.Mail;
int userid;
{
TextBox1.Text = Session["FILENAME"].ToString();
TextBox2.Text = Session["USERNAME"].ToString();
//Session["ID"] = Label6.Text;
Session["FILENAME"] = TextBox1.Text;
Session["USERNAME"] = TextBox2.Text;
Session["KEY"] = TextBox3.Text;
con.Open();
cmd.ExecuteNonQuery();
SqlCommand com1 = new SqlCommand("select MailId from UserRegister where
name='" + name + "'", con);
mobile = Convert.ToString(com2.ExecuteScalar());
con.Close();
try
string baseurl =
"http://bulksms.mysmsmantra.com:8080/WebSMS/SMSAPI.jsp?username=micinfsms&pass
word=1049242150&sendername=micinf&mobileno=" + mobile + "&message=" +
TextBox3.Text + "";
string s = reader.ReadToEnd();
data.Close();
reader.Close();
// Label2.Text = "sent";
}
catch (Exception ex)
// lblMsg.Visible = true;
Response.Redirect("otp.aspx");
try
msg.To.Add(new MailAddress(to));
msg.Subject = subject;
msg.Body = message;
msg.IsBodyHtml = true;
client.EnableSsl = true;
client.UseDefaultCredentials = false;
client.Credentials = loginInformation;
client.Send(msg);
catch
try
// lblMsg.Visible = true;
AUTHORIZEUSER
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
{
SqlConnection con = new
SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
SqlDataAdapter da;
DataSet ds;
if (con.State == ConnectionState.Closed)
con.Open();
if (Page.IsPostBack != true)
Getcustomers();
ds = new DataSet();
da.Fill(ds, "UserRegister");
GridView1.DataSource = ds.Tables["UserRegister"].DefaultView;
GridView1.DataBind();
}
GridView1.PageIndex = e.NewPageIndex;
Getcustomers();
if (e.CommandName == "Artist")
ds = new DataSet();
da.Fill(ds, "UserRegister");
if (ds.Tables["UserRegister"].Rows[0][0].ToString() == "Activate")
int n = da.SelectCommand.ExecuteNonQuery();
if (n == 1)
Getcustomers();
int n = da.SelectCommand.ExecuteNonQuery();
if (n == 1)
Getcustomers();
if (uid.Text != "")
if (res == 1)
Getcustomers();
ROOT LOGIN
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
public partial class _Default : System.Web.UI.Page
if (TextBox3.Text == "")
else
if (TextBox3.Text == "")
else
Session["adminid"] = TextBox3.Text;
Response.Redirect("rootlink.aspx");
else
ROOTGRAPH
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Web.UI.DataVisualization.Charting;
con.Open();
dataAdapter.Fill(ds);
con.Close();
if (ds.Tables[0].Rows.Count > 0)
{
Chart1.Series["id"].Points.Add(new DataPoint(i,
ds.Tables[0].Rows[i]["id"].ToString().Trim()));
//Chart1.Series["title"].Points.Add(new DataPoint(i,
ds.Tables[0].Rows[i]["title"].ToString().Trim()));
//Chart1.Series[""].Points.Add(new DataPoint(i,
ds.Tables[0].Rows[i]["performance_Sem3"].ToString().Trim()));
//Chart1.Series["performance_Sem4"].Points.Add(new DataPoint(i,
ds.Tables[0].Rows[i]["performance_Sem4"].ToString().Trim()));
//Chart1.Series["performance_Sem5"].Points.Add(new DataPoint(i,
ds.Tables[0].Rows[i]["performance_Sem5"].ToString().Trim()));
//Chart1.Series["performance_Sem6"].Points.Add(new DataPoint(i,
ds.Tables[0].Rows[i]["performance_Sem6"].ToString().Trim()));
Chart1.Series[0].Points[i].AxisLabel =
ds.Tables[0].Rows[i]["filename"].ToString().Trim();
}
CSPLOGIN
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
if (TextBox1.Text == "")
}
else
if (TextBox2.Text == "")
else
Session["adminid"] = TextBox1.Text;
Response.Redirect("csplink.aspx");
else
}
}
CSP GRAPH
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Web.UI.DataVisualization.Charting;
con.Open();
dataAdapter.Fill(ds);
con.Close();
if (ds.Tables[0].Rows.Count > 0)
Chart1.Series["id"].Points.Add(new DataPoint(i,
ds.Tables[0].Rows[i]["id"].ToString().Trim()));
Chart1.Series[0].Points[i].AxisLabel =
ds.Tables[0].Rows[i]["providerlocation"].ToString().Trim();
}
SCREEN SHOTS
HOME SCREEN:
OWNER LOGIN:
DOMAIN REGISTER:
USERLOGIN:
USERPROFILES
KEYDETAILS:
SEARCH QUERY:
OWNER PROFILES:
UPLOADFILES:
REQUEST SECRETKEY:
DATAOWNER PROFLES:
ROOT LOGIN:
DOMAIN AUTHORITY DETAILS:
FILES PERFORMENCE(GRAPH):
CSP LOGIN
CSP GRAPH:
CHAPTER 14
CONCLUSION
Information Sciences,vol.181,no.11,pp:24362440,2011.
[2] S. Yu, C. Wang, K. Ren and W. Lou, Achieving Secure, Scala-ble, and Fine-
INFOCOM,pp:1-9, 2010.
security,vol.30,pp:320-331,2011.
Sciences,vol.275,pp:370-384,2014.
Sciences,vol.181,no.3,pp:648660,2011.
protocol,InformationSciences,vol.181,no.19,pp:43184329, 2011.
Information Sciences,vol.181,no.11,pp:24362440,2011.
2009),LNCS5451,pp:13-23, 2009.
[10] L. Ibraimi, Q. Tang, P. Hartel and Q. Jonker, Efficient and provable secure
[11] S. Yu, C. Wang, K. Ren and W. Lou, Achieving Secure, Scala-ble, and Fine-
INFOCOM,pp:1-9, 2010.
Clouds, Proc. 10th Intl Con. Trust, Security and Privacy in Computing and
Solution for Flexible and Scalable Access Control in Cloud Computing, IEEE
Transactions on Information Forensics and Security, vol. 7, no. 2, pp: 743-754, Apr.
2012.