
ATTRIBUTE-BASED ACCESS CONTROL WITH CONSTANT-SIZE CIPHERTEXT IN CLOUD COMPUTING

ABSTRACT

With the popularity of cloud computing, there have been increasing concerns about its
security and privacy. Since the cloud computing environment is distributed and
untrusted, data owners have to encrypt outsourced data to enforce confidentiality.
Therefore, how to achieve practicable access control of encrypted data in an untrusted
environment is an urgent issue that needs to be solved. Attribute-Based Encryption
(ABE) is a promising scheme suitable for access control in cloud storage systems.
This paper proposes a hierarchical attribute-based access control scheme with
constant-size ciphertext. The scheme is efficient because the length of ciphertext and
the number of bilinear pairing evaluations are fixed to a constant. Its computation cost
in encryption and decryption algorithms is low. Moreover, the hierarchical
authorization structure of our scheme reduces the burden and risk of a single authority
scenario. We prove the scheme is of CCA2 security under the decisional q-Bilinear
Diffie-Hellman Exponent assumption. In addition, we implement our scheme and
analyse its performance. The analysis results show the proposed scheme is efficient,
scalable, and fine-grained in dealing with access control for outsourced data in cloud
computing.

CHAPTER 1

INTRODUCTION

1.1 CLOUD COMPUTING

Cloud storage has emerged as a promising solution for providing ubiquitous,
convenient, and on-demand accesses to large amounts of data shared over the Internet.
Today, millions of users are sharing personal data, such as photos and videos, with
their friends through social network applications based on cloud storage on a daily
basis. Business users are also being attracted by cloud storage due to its numerous
benefits, including lower cost, greater agility, and better resource utilization.

Cloud computing is a recently evolved computing terminology or metaphor
based on utility and consumption of computing resources. Cloud computing involves
deploying groups of remote servers and software networks that allow centralized data
storage and online access to computer services or resources. Clouds can be classified
as public, private or hybrid.

Cloud computing relies on sharing of resources to achieve coherence
and economies of scale, similar to a utility (like the electricity grid) over a network. At
the foundation of cloud computing is the broader concept of converged
infrastructure and shared services. Cloud computing, or in simpler shorthand just "the
cloud", also focuses on maximizing the effectiveness of the shared resources. Cloud
resources are usually not only shared by multiple users but are also dynamically
reallocated per demand. This can work for allocating resources to users.

For example, a cloud computer facility that serves European users during
European business hours with a specific application (e.g., email) may reallocate the
same resources to serve North American users during North America's business hours
with a different application (e.g., a web server). This approach should maximize the
use of computing power thus reducing environmental damage as well since less
power, air conditioning, rack space, etc. are required for a variety of functions. With
cloud computing, multiple users can access a single server to retrieve and update their
data without purchasing licenses for different applications.

The term "moving to cloud" also refers to an organization moving away from a
traditional CAPEX model (buy the dedicated hardware and depreciate it over a period
of time) to the OPEX model (use a shared cloud infrastructure and pay as one uses it).
Proponents claim that cloud computing allows companies to avoid upfront
infrastructure costs, and focus on projects that differentiate their businesses instead of
on infrastructure.

Proponents also claim that cloud computing allows enterprises to get their
applications up and running faster, with improved manageability and less
maintenance, and enables IT to more rapidly adjust resources to meet fluctuating and
unpredictable business demand. Cloud providers typically use a "pay as you go"
model. This can lead to unexpectedly high charges if administrators do not adapt to
the cloud pricing model.

The present availability of high-capacity networks, low-cost computers and
storage devices as well as the widespread adoption of hardware virtualization, service-
oriented architecture, and autonomic and utility computing have led to a growth in
cloud computing. Cloud storage offers an on-demand data outsourcing service model,
and is gaining popularity due to its elasticity and low maintenance cost. However,
security concerns arise when data storage is outsourced to third-party cloud storage
providers. It is desirable to enable cloud clients to verify the integrity of their
outsourced data, in case their data have been accidentally corrupted or maliciously
compromised by insider/outsider attacks.

One major use of cloud storage is long-term archival, which represents a
workload that is written once and rarely read. While the stored data are rarely read, it
remains necessary to ensure its integrity for disaster recovery or compliance with legal
requirements. Since it is typical to have a huge amount of archived data, whole-file
checking becomes prohibitive. Proof of retrievability (POR) and proof of data
possession (PDP) have thus been proposed to verify the integrity of a large file by
spot-checking only a fraction of the file via various cryptographic primitives.

Suppose that we outsource storage to a server, which could be a storage site or
a cloud-storage provider. If we detect corruptions in our outsourced data (e.g., when a
server crashes or is compromised), then we should repair the corrupted data and
restore the original data. However, putting all data in a single server is susceptible to
the single-point-of-failure problem and vendor lock-ins. A plausible solution is to
stripe data across multiple servers. Thus, to repair a failed server, we can:

1. Read data from the other surviving servers.

2. Reconstruct the corrupted data of the failed server.

3. Write the reconstructed data to a new server.

POR and PDP are originally proposed for the single-server case. MR-PDP and
HAIL extend integrity checks to a multiserver setting using replication and erasure
coding, respectively. In particular, erasure coding has a lower storage overhead than
replication under the same fault tolerance level.
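The spot-check and the three repair steps above, as an added example that is not part of the original report. It assumes the simplest erasure code (one XOR parity server) and plain SHA-256 digests kept by the owner as a stand-in for real PDP/POR tags; all function names and the sample data are constructed for illustration.

```python
import hashlib
import random
from functools import reduce

BLOCK = 16  # bytes per block; constructed, kept tiny for readability


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def stripe(data, k):
    """Stripe data over k data servers plus one XOR-parity server."""
    row_len = k * BLOCK
    padded = data + b"\0" * (-len(data) % row_len)
    servers = [[] for _ in range(k + 1)]
    for off in range(0, len(padded), row_len):
        row = [padded[off + i * BLOCK: off + (i + 1) * BLOCK] for i in range(k)]
        row.append(xor_blocks(row))  # parity block for this row
        for server, block in zip(servers, row):
            server.append(block)
    return servers


def make_tags(servers):
    """Owner-side digests (assumption: a simplified stand-in for PDP/POR tags)."""
    return [[hashlib.sha256(b).digest() for b in s] for s in servers]


def spot_check(servers, tags, sample, rng):
    """Check `sample` random rows; return the indices of servers that fail."""
    rows = rng.sample(range(len(servers[0])), sample)
    return {i for r in rows for i, s in enumerate(servers)
            if hashlib.sha256(s[r]).digest() != tags[i][r]}


def detect_probability(n, t, c):
    """Chance that sampling c of n blocks hits at least one of t corrupted ones."""
    miss = 1.0
    for i in range(c):
        miss *= (n - t - i) / (n - i)
    return 1.0 - miss


def storage_overhead(k):
    """(XOR-parity striping, replication) overhead for surviving one server loss."""
    return (k + 1) / k, 2.0


def repair(servers, failed):
    """Repair one failed server with the three steps listed in the text."""
    survivors = [s for i, s in enumerate(servers) if i != failed]  # 1. read
    rebuilt = [xor_blocks(row) for row in zip(*survivors)]         # 2. reconstruct
    servers[failed] = rebuilt                                      # 3. write
    return rebuilt


def unstripe(servers, k, length):
    """Reassemble the original bytes from the k data servers."""
    return b"".join(b"".join(row) for row in zip(*servers[:k]))[:length]


def demo():
    data = bytes(range(96))                  # constructed sample file
    servers = stripe(data, k=3)
    tags = make_tags(servers)
    # Simulate a crashed/compromised server returning garbage for every block.
    servers[1] = [b"\xff" * BLOCK for _ in servers[1]]
    bad = spot_check(servers, tags, sample=1, rng=random.Random(7))
    for index in bad:
        repair(servers, index)
    return bad, unstripe(servers, 3, len(data)) == data


if __name__ == "__main__":
    print(demo())
    print(detect_probability(10000, 100, 460))
```

In a real PDP or POR scheme the server proves possession of the sampled blocks without the verifier reading them; only the sampling idea and the repair flow carry over from this sketch.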

1.2 CHARACTERISTICS:
Cloud computing exhibits the following key characteristics:

Agility improves with users' ability to re-provision technological infrastructure
resources.

Cost reductions claimed by cloud providers. A public-cloud delivery model
converts capital expenditure to operational expenditure. This purportedly
lowers barriers to entry, as infrastructure is typically provided by a third party and
does not need to be purchased for one-time or infrequent intensive computing tasks.
Pricing on a utility computing basis is fine-grained, with usage-based options and
fewer IT skills are required for implementation. The e-FISCAL project's state-of-the-
art repository contains several articles looking into cost aspects in more detail, most of
them concluding that costs savings depend on the type of activities supported and the
type of infrastructure available in-house.

Device and location independence enable users to access systems using a web
browser regardless of their location or what device they use (e.g., PC, mobile phone).
As infrastructure is off-site (typically provided by a third-party) and accessed via the
Internet, users can connect from anywhere.

Maintenance of cloud computing applications is easier, because they do not
need to be installed on each user's computer and can be accessed from different
places.

Multitenancy enables sharing of resources and costs across a large pool of
users thus allowing for:

Centralization of infrastructure in locations with lower costs (such as
real estate, electricity, etc.)

Peak-load capacity increases (users need not engineer for highest
possible load-levels)

Utilisation and efficiency improvements for systems that are often only
10-20% utilised.

Performance is monitored and consistent and loosely coupled architectures are
constructed using web services as the system interface.

Productivity may be increased when multiple users can work on the same data
simultaneously, rather than waiting for it to be saved and emailed. Time may be saved
as information does not need to be re-entered when fields are matched, nor do users
need to install application software upgrades to their computer.

Reliability improves with the use of multiple redundant sites, which makes
well-designed cloud computing suitable for business continuity and disaster recovery.

Scalability and elasticity via dynamic ("on-demand") provisioning of resources
on a fine-grained, self-service basis in near real-time (Note, the VM startup time
varies by VM type, location, OS and cloud providers), without users having to
engineer for peak loads.

Security can improve due to centralization of data, increased security-focused
resources, etc., but concerns can persist about loss of control over certain sensitive
data, and the lack of security for stored kernels. Security is often as good as or better
than other traditional systems, in part because providers are able to devote resources to
solving security issues that many customers cannot afford to tackle. However, the
complexity of security is greatly increased when data is distributed over a wider area
or over a greater number of devices, as well as in multi-tenant systems shared by
unrelated users. In addition, user access to security audit logs may be difficult or
impossible. Private cloud installations are in part motivated by users' desire to retain
control over the infrastructure and avoid losing control of information security.

1.2.1 Cloud Computing Identifies "Five Essential Characteristics":

ON-DEMAND SELF-SERVICE: A consumer can unilaterally provision
computing capabilities, such as server time and network storage, as needed
automatically without requiring human interaction with each service provider.

BROAD NETWORK ACCESS: Capabilities are available over the network
and accessed through standard mechanisms that promote use by heterogeneous thin or
thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).

RESOURCE POOLING: The provider's computing resources are pooled to
serve multiple consumers using a multi-tenant model, with different physical and
virtual resources dynamically assigned and reassigned according to consumer
demand.

RAPID ELASTICITY: Capabilities can be elastically provisioned and
released, in some cases automatically, to scale rapidly outward and inward
commensurate with demand. To the consumer, the capabilities available for
provisioning often appear unlimited and can be appropriated in any quantity at any
time.

MEASURED SERVICE: Cloud systems automatically control and optimize
resource use by leveraging a metering capability at some level of abstraction
appropriate to the type of service (e.g., storage, processing, bandwidth, and active user
accounts). Resource usage can be monitored, controlled, and reported, providing
transparency for both the provider and consumer of the utilized service.

1.3 SERVICE MODELS


Though service-oriented architecture advocates "everything as a service" (with
the acronyms EaaS or XaaS or simply aaS), cloud-computing providers offer their
"services" according to different models, which happen to form a stack:
infrastructure-, platform- and software-as-a-service.

Fig 1: Cloud-computing layers accessible within a stack

1.3.1 INFRASTRUCTURE AS A SERVICE (IAAS)

In the most basic cloud-service model, and according to the IETF (Internet
Engineering Task Force), providers of IaaS offer computers, physical or (more
often) virtual machines, and other resources. IaaS refers to online services that
abstract the user from the details of infrastructure like physical computing resources,
location, data partitioning, scaling, security, backup etc. A hypervisor, such
as Xen, Oracle VirtualBox, KVM, VMware ESX/ESXi, or Hyper-V, runs the virtual
machines as guests.

Pools of hypervisors within the cloud operational system can support large
numbers of virtual machines and the ability to scale services up and down according
to customers' varying requirements. IaaS clouds often offer additional resources such
as a virtual-machine disk-image library, raw block storage, file or object storage,
firewalls, load balancers, IP addresses, virtual local area networks (VLANs), and
software bundles. IaaS-cloud providers supply these resources on-demand from their
large pools of equipment installed in data centers. For wide-area connectivity,
customers can use either the Internet or carrier clouds.

To deploy their applications, cloud users install operating-system images and
their application software on the cloud infrastructure. In this model, the cloud user
patches and maintains the operating systems and the application software. Cloud
providers typically bill IaaS services on a utility computing basis: cost reflects the
amount of resources allocated and consumed.

1.3.2 PLATFORM AS A SERVICE (PAAS)

PaaS vendors offer a development environment to application developers. The
provider typically develops a toolkit and standards for development and channels for
distribution and payment. In the PaaS models, cloud providers deliver a computing
platform, typically including operating system, programming-language execution
environment, database, and web server. Application developers can develop and run
their software solutions on a cloud platform without the cost and complexity of buying
and managing the underlying hardware and software layers.

With some PaaS offers like Microsoft Azure and Google App Engine, the
underlying computer and storage resources scale automatically to match application
demand so that the cloud user does not have to allocate resources manually. The
latter has also been proposed by an architecture aiming to facilitate real-time in cloud
environments. Even more specific application types can be provided via PaaS, such as
media encoding as provided by services.

Some integration and data management providers have also embraced
specialized applications of PaaS as delivery models for data solutions. Examples
include iPaaS and dPaaS. iPaaS (Integration Platform as a Service) enables customers
to develop, execute and govern integration flows. Under the iPaaS integration model,
customers drive the development and deployment of integrations without installing or
managing any hardware or middleware. dPaaS (Data Platform as a Service) delivers
integration and data-management products as a fully managed service. Under the
dPaaS model, the PaaS provider, not the customer, manages the development and
execution of data solutions by building tailored data applications for the customer.
dPaaS users retain transparency and control over data through data-visualization tools.

1.3.3 SOFTWARE AS A SERVICE (SAAS)

In the software as a service (SaaS) model, users gain access to application
software and databases. Cloud providers manage the infrastructure and platforms that
run the applications. SaaS is sometimes referred to as "on-demand software" and is
usually priced on a pay-per-use basis or using a subscription fee.

In the SaaS model, cloud providers install and operate application software in
the cloud and cloud users access the software from cloud clients. Cloud users do not
manage the cloud infrastructure and platform where the application runs. This
eliminates the need to install and run the application on the cloud user's own
computers, which simplifies maintenance and support.

Cloud applications differ from other applications in their scalability, which
can be achieved by cloning tasks onto multiple virtual machines at run-time to meet
changing work demand. Load balancers distribute the work over the set of virtual
machines. This process is transparent to the cloud user, who sees only a single access-
point. To accommodate a large number of cloud users, cloud applications can
be multitenant, meaning that any machine may serve more than one cloud-user
organization.

The pricing model for SaaS applications is typically a monthly or yearly flat
fee per user, so prices become scalable and adjustable if users are added or removed at
any point. Proponents claim that SaaS gives a business the potential to reduce IT
operational costs by outsourcing hardware and software maintenance and support to
the cloud provider. This enables the business to reallocate IT operations costs away
from hardware/software spending and from personnel expenses, towards meeting
other goals. In addition, with applications hosted centrally, updates can be released
without the need for users to install new software. One drawback of SaaS comes with
storing the users' data on the cloud provider's server. As a result, there could be
unauthorized access to the data. For this reason, users are increasingly adopting
intelligent third-party key-management systems to help secure their data.

1.4 DEPLOYMENT MODELS:

1.4.1 PRIVATE CLOUD

Private cloud is cloud infrastructure operated solely for a single organization,
whether managed internally or by a third-party, and hosted either internally or
externally. Undertaking a private cloud project requires a significant level and degree
of engagement to virtualize the business environment, and requires the organization to
reevaluate decisions about existing resources. When done right, it can improve
business, but every step in the project raises security issues that must be addressed to
prevent serious vulnerabilities. Self-run data centers are generally capital intensive.

They have a significant physical footprint, requiring allocations of space,
hardware, and environmental controls. These assets have to be refreshed periodically,
resulting in additional capital expenditures. They have attracted criticism because
users "still have to buy, build, and manage them" and thus do not benefit from less
hands-on management, essentially "[lacking] the economic model that makes cloud
computing such an intriguing concept".

1.4.2 PUBLIC CLOUD

A cloud is called a "public cloud" when the services are rendered over a
network that is open for public use. Public cloud services may be free. Technically
there may be little or no difference between public and private cloud architecture,
however, security consideration may be substantially different for services
(applications, storage, and other resources) that are made available by a service
provider for a public audience and when communication is effected over a non-trusted
network.

Generally, public cloud service providers like Amazon AWS, Microsoft and
Google own and operate the infrastructure at their data center and access is generally
via the Internet. AWS and Microsoft also offer direct connect services called "AWS
Direct Connect" and "Azure ExpressRoute" respectively; such connections require
customers to purchase or lease a private connection to a peering point offered by the
cloud provider.

1.4.3 HYBRID CLOUD

Hybrid cloud is a composition of two or more clouds (private, community or
public) that remain distinct entities but are bound together, offering the benefits of
multiple deployment models. Hybrid cloud can also mean the ability to connect
collocation, managed and/or dedicated services with cloud resources.

A hybrid cloud service is a cloud computing service that is composed of some
combination of private, public and community cloud services, from different service
providers. A hybrid cloud service crosses isolation and provider boundaries so that it
can't be simply put in one category of private, public, or community cloud service. It
allows one to extend either the capacity or the capability of a cloud service, by
aggregation, integration or customization with another cloud service.

Varied use cases for hybrid cloud composition exist. For example, an
organization may store sensitive client data in house on a private cloud application,
but interconnect that application to a business intelligence application provided on a
public cloud as a software service. This example of hybrid cloud extends the
capabilities of the enterprise to deliver a specific business service through the addition
of externally available public cloud services. Hybrid cloud adoption depends on a
number of factors such as data security and compliance requirements, level of control
needed over data, and the applications an organization uses.

Another example of hybrid cloud is one where IT organizations use public
cloud computing resources to meet temporary capacity needs that cannot be met by
the private cloud. This capability enables hybrid clouds to employ cloud bursting for
scaling across clouds. Cloud bursting is an application deployment model in which an
application runs in a private cloud or data center and "bursts" to a public cloud when
the demand for computing capacity increases.

A primary advantage of cloud bursting and a hybrid cloud model is that an
organization only pays for extra compute resources when they are needed. Cloud
bursting enables data centers to create an in-house IT infrastructure that supports
average workloads, and use cloud resources from public or private clouds, during
spikes in processing demands. The specialized model of hybrid cloud, which is built
atop heterogeneous hardware, is called "Cross-platform Hybrid Cloud". A cross-
platform hybrid cloud is usually powered by different CPU architectures, for example,
x86-64 and ARM, underneath. Users can transparently deploy applications without
knowledge of the cloud's hardware diversity. This kind of cloud emerges from the
rise of ARM-based system-on-chip for server-class computing.

1.5 ARCHITECTURE

Cloud architecture, the systems architecture of the software
systems involved in the delivery of cloud computing, typically involves
multiple cloud components communicating with each other over a loose
coupling mechanism such as a messaging queue. Elastic provision implies
intelligence in the use of tight or loose coupling as applied to mechanisms such
as these and others.

Fig 2: Cloud computing sample architecture


CHAPTER 2

SYSTEM ANALYSIS

In this phase a detailed appraisal of the existing system is explained. This
appraisal includes how the system works and what it does. It also includes finding out
in more detail what the problems with the system are and what the user requires from the
new system or any new change in the system. The output of this phase is the detailed
model of the system. The model describes the system functions and data and system
information flow. The phase also contains the detailed set of user requirements, and these
requirements are used to set objectives for the new system.

2.1 CURRENT SYSTEM:

While the cloud computing paradigm brings many benefits, there are many
unavoidable security problems caused by its inherent characteristics such as the
dynamic complexity of the cloud computing environment, the openness of the cloud
platform and the high concentration of resources. One of the important problems is
how to ensure the security of user data. Security problems, such as data security and
privacy protection in cloud computing, have become serious obstacles which, if not
appropriately addressed. Secure sharing of data plays an important role in cloud
computing. Attribute-based access control can realize data confidentiality in the
untrusted environment of server-end, fine-grained access control and large-scale
dynamic authorization which are the difficult problems to solve in traditional access
control.

2.2 SHORTCOMINGS OF THE CURRENT SYSTEM:

Attribute-based access control can realize data confidentiality in the untrusted
environment of server-end, fine-grained access control and large-scale dynamic
authorization which are the difficult problems to solve in traditional access
control.

Furthermore, in previous ABE schemes, the size of the ciphertext and the
number of pairing computations vary linearly with the number of attributes.

2.3 PROPOSED SYSTEM:

This paper proposes a hierarchical ciphertext-policy attribute-based encryption
(CP-ABE) access control scheme with constant-size ciphertext that can realize
scalable, flexible, and fine-grained access control of outsourced data in cloud
computing. The proposed scheme adopts CP-ABE with constant ciphertext size and
maintains the size of ciphertext and the computation of bilinear pairing at a constant
value, which improves the efficiency of the system and reduces the extra overhead of
space storage, data transmission and computation. Second, we design a hierarchical
access control system. This system supports inheritance of authorization that reduces
the burden and risk in the case of single authority. Finally, we prove our scheme has
indistinguishable security under an adaptive chosen ciphertext attack and we analyze
the performance of our scheme.

2.4 ADVANTAGE OF PROPOSED SYSTEM:

Our scheme has good adaptability and scalability in cloud computing.

It makes the CP-ABE algorithm simpler and more efficient, along with making it
even more suitable for access control in a cloud environment.

CHAPTER 3

IMPLEMENTATION

Implementation is the stage of the project when the theoretical design is
turned into a working system. Thus it can be considered to be the most
critical stage in achieving a successful new system and in giving the user
confidence that the new system will work and be effective.

The implementation stage involves careful planning, investigation of the
existing system and its constraints on implementation, designing of methods to
achieve changeover and evaluation of changeover methods.

3.1 MODULES:
A module is a part of a program. Programs are composed of one or more
independently developed modules that are not combined until the program
is linked. A single module can contain one or several routines.

Our project modules are given below:

1) User
2) Admin
3) Root Authority
4) CSP

CHAPTER 4

LITERATURE SURVEY

4.1 OVERVIEW:

A literature review is an account of what has been published on a topic by
accredited scholars and researchers. Occasionally you will be asked to write one
as a separate assignment, but more often it is part of the introduction to an
essay, research report, or thesis. In writing the literature review, your purpose is
to convey to your reader what knowledge and ideas have been established on a
topic, and what their strengths and weaknesses are. As a piece of writing, the
literature review must be defined by a guiding concept (e.g., your research
objective, the problem or issue you are discussing or your argumentative thesis).
It is not just a descriptive list of the material available, or a set of summaries.

Besides enlarging your knowledge about the topic, writing a literature
review lets you gain and demonstrate skills in two areas:

1. INFORMATION SEEKING: the ability to scan the literature
efficiently, using manual or computerized methods, to identify a set of
useful articles and books.

2. CRITICAL APPRAISAL: the ability to apply principles of analysis to
identify unbiased and valid studies.

4.2 KEY UPDATING TECHNIQUE IN IDENTITY-BASED ENCRYPTION

ABSTRACT

Key revocation is critical for the practicality of any public key cryptosystem and
identity based encryption (IBE) system. When a user's private key is
compromised, it is important for him/her to revoke his/her key. Up to now, little
work has been published on key revocation in IBE systems. We propose a low-
complexity key update technique to solve the revocation problem in an IBE
system in which any revoked user is able to re-join the system without changing
his or her identity or re-setting up the system.

DISADVANTAGES OF EXISTING SYSTEM:

Unlike traditional public key encryption systems using public key infrastructure
(PKI), IBE simplifies the key management problem by avoiding public key
certificates.

The key revocation problem remains in identity-based encryption.

ADVANTAGES OF PROPOSED SYSTEM:

The key updating algorithm in BGK and LV schemes is lost as the
number of revoked users is close to n/2, since the key update complexity
becomes O(n - r).

Identity-based encryption is reduced to a tree of depth one.

ALGORITHM:

Private key generator:

Key-update efficiency at PKG is able to be significantly reduced from linear to
the height of such binary tree. Nevertheless, we point out that though the binary
tree introduction is able to achieve a relatively high performance, PKG has to
generate a key pair for all the nodes on the path from the identity leaf node to
the root node, which results in complexity logarithmic in the number of users in
system for issuing a single private key. The size of private key grows
logarithmically in the number of users in system, which makes private
key storage difficult for users. As the number of users in system grows, PKG has to
maintain a binary tree with a large amount of nodes, which introduces another
bottleneck for the global system.
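The tree bookkeeping behind these costs, as an added example that is not code from the surveyed paper. It assumes a complete binary tree with heap numbering (root = 1) and the standard complete-subtree cover used by binary-tree revocation schemes; the function names are hypothetical and no cryptography is performed, only the choice of nodes.

```python
def path_to_root(user, depth):
    """Nodes from a user's leaf up to the root (heap numbering, root = 1).

    The PKG issues one key component per node on this path, so a private
    key holds depth + 1 components: logarithmic in the number of users.
    """
    node = (1 << depth) + user
    nodes = []
    while node >= 1:
        nodes.append(node)
        node //= 2
    return nodes


def ku_nodes(revoked, depth):
    """Smallest set of subtree roots covering exactly the non-revoked leaves.

    The PKG publishes one key-update component per node in this set.
    """
    marked = set()
    for user in revoked:
        marked.update(path_to_root(user, depth))
    if not marked:
        return {1}  # nobody revoked: a single update at the root serves everyone
    first_leaf = 1 << depth
    cover = set()
    for node in marked:
        if node < first_leaf:  # internal node: inspect both children
            for child in (2 * node, 2 * node + 1):
                if child not in marked:
                    cover.add(child)
    return cover


def can_update(user, revoked, depth):
    """A user obtains the period key only if its path meets the cover set."""
    return bool(set(path_to_root(user, depth)) & ku_nodes(revoked, depth))


def update_sizes(depth):
    """Cover-set size for three constructed revocation patterns in one tree."""
    n = 1 << depth
    return {
        "none revoked": len(ku_nodes(set(), depth)),
        "one revoked": len(ku_nodes({0}, depth)),
        "every other user revoked": len(ku_nodes(set(range(0, n, 2)), depth)),
    }


if __name__ == "__main__":
    depth = 3                                # constructed example: 8 users
    print(path_to_root(2, depth))            # key components held by user 2
    print(sorted(ku_nodes({2}, depth)))      # update published after revoking user 2
    print(can_update(3, {2}, depth), can_update(2, {2}, depth))
    print(update_sizes(10))
```

With every other user revoked, the cover set degenerates to one node per remaining user, which is the n - r behaviour near n/2 revocations noted above.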
4.3 ACHIEVING SECURE, SCALABLE, AND FINE-GRAINED DATA
ACCESS CONTROL IN CLOUD COMPUTING

ABSTRACT

Cloud computing is an emerging computing paradigm in which resources of the
computing infrastructure are provided as services over the Internet. As
promising as it is, this paradigm also brings forth many new challenges for data
security and access control when users outsource sensitive data for sharing on
cloud servers, which are not within the same trusted domain as data owners. To
keep sensitive user data confidential against untrusted servers, existing solutions
usually apply cryptographic methods by disclosing data decryption keys only to
authorized users. However, in doing so, these solutions inevitably introduce a
heavy computation overhead on the data owner for key distribution and data
management when fine-grained data access control is desired, and thus do not
scale well. The problem of simultaneously achieving fine-grainedness,
scalability, and data confidentiality of access control actually still remains
unresolved. This paper addresses this challenging open issue by, on one hand,
defining and enforcing access policies based on data attributes, and, on the other
hand, allowing the data owner to delegate most of the computation tasks
involved in fine-grained data access control to untrusted cloud servers without
disclosing the underlying data contents. We achieve this goal by exploiting and
uniquely combining techniques of attribute-based encryption (ABE), proxy re-
encryption, and lazy re-encryption. Our proposed scheme also has salient
properties of user access privilege confidentiality and user secret key
accountability. Extensive analysis shows that our proposed scheme is highly
efficient and provably secure under existing security models.

4.4 HIERARCHICAL ATTRIBUTE-BASED ENCRYPTION AND
SCALABLE USER REVOCATION FOR SHARING DATA IN CLOUD
SERVERS

With rapid development of cloud computing, more and more enterprises will
outsource their sensitive data for sharing in a cloud. To keep the shared data
confidential against untrusted cloud service providers (CSPs), a natural way is
to store only the encrypted data in a cloud. The key problems of this approach
include establishing access control for the encrypted data, and revoking the
access rights from users when they are no longer authorized to access the
encrypted data. This paper aims to solve both problems. First, we propose a
hierarchical attribute-based encryption scheme (HABE) by combining a
hierarchical identity-based encryption (HIBE) system and a ciphertext-policy
attribute-based encryption (CP-ABE) system, so as to provide not only fine-
grained access control, but also full delegation and high performance. Then, we
propose a scalable revocation scheme by applying proxy re-encryption (PRE)
and lazy re-encryption (LRE) to the HABE scheme, so as to efficiently revoke
access rights from users.
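
The revocation idea shared by the two abstracts above, as an added example that is not code from either paper or from this project: the authority rotates an attribute's master component t, gives the cloud only the ratio t'/t, and the cloud re-encrypts a file's header lazily on its next access. Assumptions: a single attribute, a user key simplified to 1/t, and a plain modular group (modulus 2**521 - 1) in place of a pairing group, so the parameters are illustrative and not secure; all names are hypothetical.

```python
import hashlib
import secrets
from math import gcd

# Demonstration parameters (an assumption of this example): the group modulo the
# Mersenne prime 2**521 - 1 stands in for a pairing group and is not a secure choice.
P = 2**521 - 1
N = P - 1                      # exponents are reduced modulo the group order
G = 3


def rand_unit():
    """Random exponent that is invertible modulo N."""
    while True:
        x = secrets.randbelow(N - 2) + 2
        if gcd(x, N) == 1:
            return x


def kdf(element):
    return hashlib.sha256(element.to_bytes(66, "big")).digest()


class Authority:
    """Owns the versioned master component t of one attribute."""
    def __init__(self):
        self.t = rand_unit()

    def public(self):
        return pow(G, self.t, P)              # T = g^t

    def user_key(self):
        return pow(self.t, -1, N)             # simplified user key: 1/t

    def rotate(self):
        """Revocation: choose t' and return the proxy re-key rk = t'/t."""
        new_t = rand_unit()
        rk = new_t * pow(self.t, -1, N) % N
        self.t = new_t
        return rk


def encapsulate(public_t):
    """Data owner: returns (data key, header E = g^(t*s))."""
    s = rand_unit()
    return kdf(pow(G, s, P)), pow(public_t, s, P)


def decapsulate(user_key, header):
    return kdf(pow(header, user_key, P))      # E^(1/t) = g^s


class Cloud:
    """Untrusted store: sees headers and re-keys, never t, s or a data key."""
    def __init__(self):
        self.files = {}          # name -> (header version, header)
        self.rekeys = []         # rekeys[i] lifts a header from version i to i+1
        self.reencryptions = 0

    def put(self, name, header):
        self.files[name] = (len(self.rekeys), header)

    def add_rekey(self, rk):
        self.rekeys.append(rk)   # revocation touches no stored file

    def get(self, name):
        version, header = self.files[name]
        pending = self.rekeys[version:]
        if pending:              # lazy: pay only when the file is requested
            rk = 1
            for r in pending:    # fold every missed rotation into one exponent
                rk = rk * r % N
            header = pow(header, rk, P)
            self.files[name] = (len(self.rekeys), header)
            self.reencryptions += 1
        return header


def demo():
    aa, cloud = Authority(), Cloud()
    key, header = encapsulate(aa.public())
    cloud.put("design.doc", header)
    bob_old = aa.user_key()
    before = decapsulate(bob_old, cloud.get("design.doc")) == key
    cloud.add_rekey(aa.rotate())     # Bob revoked
    cloud.add_rekey(aa.rotate())     # a second, later revocation
    touched = cloud.reencryptions    # nothing re-encrypted so far
    alice_new = aa.user_key()        # remaining users receive the new key
    fresh = cloud.get("design.doc")  # first access applies both re-keys at once
    cloud.get("design.doc")          # already current: no further work
    return {"bob_before": before, "touched": touched,
            "bob_after": decapsulate(bob_old, fresh) == key,
            "alice_after": decapsulate(alice_new, fresh) == key,
            "reencryptions": cloud.reencryptions}


if __name__ == "__main__":
    print(demo())
```

A header that a user fetched before the rotation still opens with the old key; lazy re-encryption only governs accesses made after revocation.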

4.5 CIPHERTEXT-POLICY HIERARCHICAL ATTRIBUTE-BASED
ENCRYPTION WITH SHORT CIPHERTEXTS

Attribute-based encryption (ABE) systems allow encrypting to uncertain
receivers by means of an access policy specifying the attributes that the
intended receivers should possess. ABE promises to deliver fine-grained access
control of encrypted data. However, when data are encrypted using an ABE
scheme, key management is difficult if there is a large number of users from
various backgrounds. In this paper, we elaborate ABE and propose a new
versatile cryptosystem referred to as ciphertext-policy hierarchical ABE
(CP-HABE). In a CP-HABE scheme, the attributes are organized in a matrix and the
users having higher-level attributes can delegate their access rights to the users
at a lower level. These features enable a CP-HABE system to host a large
number of users from different organizations by delegating keys, e.g., enabling
efficient data sharing among hierarchically organized large groups. We construct
a CP-HABE scheme with short ciphertexts. The scheme is proven secure in the
standard model under non-interactive assumptions.

4.6 THRESHOLD CIPHERTEXT POLICY ATTRIBUTE-BASED
ENCRYPTION WITH CONSTANT SIZE CIPHERTEXTS

In PKC 2010, Herranz et al. proposed the first ciphertext policy attribute-based
encryption (CP-ABE) scheme with constant size ciphertexts for threshold
predicates. However, their scheme was only secure against chosen plaintext
attacks (CPA), which was impossible to obtain security against chosen
ciphertext attacks (CCA) in the standard model, and they left open the following
three problems for CP-ABE schemes with constant size ciphertexts, i.e., how to
achieve full security (i.e., not only the selective security), CCA security in the
standard model, and security reduction to a more standard mathematical
problem. In this paper, we answer the last two of these three problems
affirmatively. Towards our goal, we first design a CPA secure threshold CP-
ABE scheme, which can be further upgraded to the CCA security. The security
of our schemes can be proved under the decisional q-Bilinear Diffie-Hellman
Exponent (q-BDHE) assumption in the selective model. To the best of our
knowledge, this is the first construction of CCA secure CP-ABE scheme with
constant size ciphertexts that can support flexible threshold access structure in
the standard model.
CHAPTER 5

5.1 METHODOLOGY

CP-ABE access control scheme with constant-size ciphertext and discuss the
algorithms in detail for our scheme. This scheme can fix the size of ciphertext
and the

Whereas encryption schemes withstanding passive chosen-plaintext
attacks (CPA) can be constructed based on a variety of computational
assumptions, only few assumptions are known to imply the existence of
encryption schemes withstanding adaptive chosen-ciphertext attacks (CCA2).
Towards addressing this asymmetry, we consider a weakening of the CCA2
model, bounded CCA2-security, wherein security needs only hold against
adversaries that make an a-priori bounded number of queries to the decryption
oracle. Regarding this notion we show (without any further assumptions):

(1) For any polynomial q, a simple black-box construction of q-bounded
IND-CCA2-secure encryption schemes, from any IND-CPA-secure
encryption scheme. When instantiated with the Decisional Diffie-
Hellman (DDH) assumption, this construction additionally yields
encryption schemes with very short ciphertexts.
(2) For any polynomial q, a (non-black box) construction of q-bounded NM-
CCA2-secure encryption schemes, from any IND-CPA-secure encryption
scheme. Bounded-CCA2 non-malleability is the strongest notion of
security yet known to be achievable assuming only the existence of IND-
CPA secure encryption schemes.
5.2 OBJECTIVE AND MOTIVATION

OBJECTIVE

The proposed scheme adopts CP-ABE with constant cipher text size and
maintains the size of cipher text and the computation of bilinear pairing at a
constant value, which improves the efficiency of the system and reduces the
extra overhead of space storage, data transmission and computation. Second, we
design a hierarchical access control system. This system supports inheritance of
authorization that reduces the burden and risk in the case of single authority.
Finally, we prove

MOTIVATION:

Structure of hierarchical attribute authority based on cloud computing which
reduces the burden and disperses the risk of the single authority. The proposed
scheme adopts CP-ABE with constant-size cipher text that solves the problem
of the cipher text size depending linearly on the number of attributes. Our
scheme can maintain the size of cipher text and the computation of encryption
and decryption at a constant value. Therefore, the scheme can improve the
efficiency of the system. We have performed some numerical simulation and
the testing results are consistent with the theoretical analysis. In addition, we
prove the scheme is of CCA2 security under the decisional q-Bilinear
Diffie-Hellman Exponent assumption.
CHAPTER 6

SYSTEM SPECIFICATION

The purpose of system requirement specification is to produce the
specification analysis of the task and also to establish complete information
about the requirement, behavior and other constraints such as functional
performance and so on. The goal of system requirement specification is to
completely specify the technical requirements for the product in a concise and
unambiguous manner.

6.1 HARDWARE REQUIREMENTS

System : Pentium IV 2.4 GHz.
Hard Disk : 40 GB.
Floppy Drive : 1.44 Mb.
Monitor : 15 VGA Colour.
Mouse : Logitech.
Ram : 512 Mb.

6.2 SOFTWARE REQUIREMENTS

Operating system : Windows XP/7.
Coding Language : ASP.net, C#.net
Tool : Visual Studio 2010
Database : SQL SERVER 2008
CHAPTER 7

SOFTWARE ENVIRONMENT

.NET Framework
The Microsoft .NET Framework (pronounced dot net) is a software
framework developed by Microsoft that runs primarily on Microsoft Windows. It
includes a large class library known as Framework Class Library (FCL) and
provides language interoperability (each language can use code written in other
languages) across several programming languages. Programs written for .NET
Framework execute in a software environment (as contrasted
to hardware environment), known as Common Language Runtime (CLR),
an application virtual machine that provides services such as security, memory
management, and exception handling. FCL and CLR together constitute .NET
Framework.

FCL provides user interface, data access, database
connectivity, cryptography, web application development, numeric algorithms,
and network communications. Programmers produce software by combining their
own source code with .NET Framework and other libraries. .NET Framework is
intended to be used by most new applications created for Windows
platform. Microsoft also produces an integrated development environment largely for
.NET software called Visual Studio.
HISTORY
Microsoft started development of .NET Framework in the late 1990s, originally
under the name of Next Generation Windows Services (NGWS). By late 2000, the
first beta versions of .NET 1.0 were released.

.NET Framework family also includes two versions for mobile or embedded
device use. A reduced version of the framework, .NET Compact Framework, is
available on Windows CE platforms, including Windows Mobile devices such
as smartphones. Additionally, .NET Micro Framework is targeted at severely
resource-constrained devices.

ARCHITECTURE

COMMON LANGUAGE INFRASTRUCTURE:

Common Language Infrastructure (CLI) provides a language-neutral platform for
application development and execution, including functions for exception
handling, garbage collection, security, and interoperability. By implementing the core
aspects of .NET Framework within the scope of CLI, this functionality will not be tied
to a single language but will be available across the many languages supported by the
framework. Microsoft's implementation of CLI is Common Language
Runtime (CLR). It serves as the execution engine of .NET Framework. All .NET
programs execute under the supervision of CLR, guaranteeing certain properties and
behaviors in the areas of memory management, security, and exception handling.

For computer programs to run on CLI, they need to be compiled into Common
Intermediate Language (CIL) as opposed to being compiled into machine code.
Upon execution, an architecture-specific Just-in-time compiler (JIT) turns the CIL
code into machine code. To improve performance, however, .NET Framework comes
with Native Image Generator (NGEN) that performs ahead-of-time compilation.
Figure 2: visual overview of the common language infrastructure (CLI)

CLASS LIBRARY
.NET Framework includes a set of standard class libraries. The class library is
organized in a hierarchy of namespaces. Most of the built-in APIs are part of
either System.* or Microsoft.* namespaces. These class libraries implement a large
number of common functions, such as file reading and writing, graphic rendering,
database interaction, and XML document manipulation, among others. .NET class
libraries are available to all CLI compliant languages. .NET Framework class library
is divided into two parts: Framework Class Library (FCL) and Base Class
Library (BCL).

.NET CORE
.NET Core is a free and open-source partial implementation of the .NET
Framework. It consists of CoreCLR and CoreFX, which are partial forks of CLR and
BCL respectively. .NET Core comes with an improved JIT compiler, called RyuJIT.
ASSEMBLIES
Compiled CIL code is stored in CLI assemblies. As mandated by the
specification, assemblies are stored in Portable Executable (PE) file format, common
on Windows platform for all DLL and EXE files. Each assembly consists of one
or more files, one of which must contain a manifest bearing the metadata for the
assembly. The complete name of an assembly (not to be confused with the file name
on disk) contains its simple text name, version number, culture, and public key token.
Assemblies are considered equivalent if they share the same complete name,
excluding the revision of the version number. A private key can also be used by the
creator of the assembly for strong naming. The public key token identifies which
private key an assembly is signed with. Only the creator of the keypair (typically
.NET developer signing the assembly) can sign assemblies that have the same strong
name as a previous version assembly, since the creator is in possession of the private
key. Strong naming is required to add assemblies to Global Assembly Cache.

DESIGN TENETS

LANGUAGE INDEPENDENCE
.NET Framework introduces a Common Type System (CTS) that defines all
possible datatypes and programming constructs supported by CLR and how they may
or may not interact with each other conforming to CLI specification. Because of this
feature, .NET Framework supports the exchange of types and object instances
between libraries and applications written using any conforming .NET language.

PORTABILITY
While Microsoft has never implemented the full framework on any system
except Microsoft Windows, it has engineered the framework to be platform-
agnostic, and cross-platform implementations are available for other operating
systems. Microsoft submitted the specifications for CLI (which includes the core class
libraries, CTS, and CIL), and C++/CLI to both ECMA and ISO, making them
available as official standards. This makes it possible for third parties to create
compatible implementations of the framework and its languages on other platforms.

SECURITY
.NET Framework has its own security mechanism with two general
features: Code Access Security (CAS), and validation and verification. CAS is based
on evidence that is associated with a specific assembly. Typically the evidence is the
source of the assembly (whether it is installed on the local machine or has been
downloaded from the intranet or Internet). CAS uses evidence to determine the
permissions granted to the code. Other code can demand that calling code be granted a
specified permission. The demand causes CLR to perform a call stack walk: every
assembly of each method in the call stack is checked for the required permission; if
any assembly is not granted the permission a security exception is thrown.

MEMORY MANAGEMENT
CLR frees the developer from the burden of managing memory (allocating and
freeing up when done); it handles memory management itself by detecting when
memory can be safely freed. Instantiations of .NET types (objects) are allocated from
the managed heap; a pool of memory managed by CLR. As long as there exists a
reference to an object, which might be either a direct reference to an object or via
a graph of objects, the object is considered to be in use. When there is no reference to
an object, and it cannot be reached or used, it becomes garbage, eligible for collection.
.NET Framework includes a garbage collector which runs periodically, on a
separate thread from the application's thread, that enumerates all the unusable objects
and reclaims the memory allocated to them, and this is more efficient than Java.

SIMPLIFIED DEPLOYMENT
.NET Framework includes design features and tools which help manage the
installation of computer software to ensure that it does not interfere with previously
installed software, and that it conforms to security requirements.
Features of .NET:

Microsoft .NET is a set of Microsoft software technologies for rapidly building
and integrating XML Web services, Microsoft Windows-based applications, and Web
solutions. The .NET Framework is a language-neutral platform for writing programs
that can easily and securely interoperate. There's no language barrier with .NET: there
are numerous languages available to the developer including Managed C++, C#,
Visual Basic and Java Script. The .NET framework provides the foundation for
components to interact seamlessly, whether locally or remotely on different platforms.
It standardizes common data types and communications protocols so that components
created in different languages can easily interoperate.

.NET is also the collective name given to various software components built
upon the .NET platform. These will be both products (Visual Studio.NET and
Windows.NET Server, for instance) and services (like Passport, .NET My Services,
and so on).

THE .NET FRAMEWORK

The .NET Framework has two main parts:

1. The Common Language Runtime (CLR).

2. A hierarchical set of class libraries.

The CLR is described as the execution engine of .NET. It provides the
environment within which programs run. The most important features are:

Conversion from a low-level assembler-style language, called
Intermediate Language (IL), into code native to the platform being
executed on.
Memory management, notably including garbage collection.
Checking and enforcing security restrictions on the running code.
Loading and executing programs, with version control and other such
features.

The following features of the .NET framework are also worth
description:

Managed Code:

The code that targets .NET, and which contains certain extra information
(metadata) to describe itself. Whilst both managed and unmanaged code can run in
the runtime, only managed code contains the information that allows the CLR to
guarantee, for instance, safe execution and interoperability.

Managed Data

With Managed Code comes Managed Data. CLR provides memory
allocation and deallocation facilities, and garbage collection. Some .NET languages
use Managed Data by default, such as C#, Visual Basic.NET and JScript.NET,
whereas others, namely C++, do not. Targeting CLR can, depending on the language
you're using, impose certain constraints on the features available. As with managed
and unmanaged code, one can have both managed and unmanaged data in .NET
applications - data that doesn't get garbage collected but instead is looked after by
unmanaged code.

Common Type System

The CLR uses something called the Common Type System (CTS) to strictly
enforce type-safety. This ensures that all classes are compatible with each other, by
describing types in a common way. CTS defines how types work within the runtime,
which enables types in one language to interoperate with types in another language,
including cross-language exception handling. As well as ensuring that types are only
used in appropriate ways, the runtime also ensures that code doesn't attempt to access
memory that hasn't been allocated to it.
Common Language Specification

The CLR provides built-in support for language interoperability. To ensure
that you can develop managed code that can be fully used by developers using any
programming language, a set of language features and rules for using them called the
Common Language Specification (CLS) has been defined. Components that follow
these rules and expose only CLS features are considered CLS-compliant.

THE CLASS LIBRARY

.NET provides a single-rooted hierarchy of classes, containing over
7000 types. The root of the namespace is called System; this contains basic types like
Byte, Double, Boolean, and String, as well as Object. All objects derive from
System.Object. As well as objects, there are value types. Value types can be allocated on the
stack, which can provide useful flexibility. There are also efficient means of
converting value types to object types if and when necessary.

The set of classes is pretty comprehensive, providing collections, file,
screen, and network I/O, threading, and so on, as well as XML and database
connectivity.

The class library is subdivided into a number of sets (or namespaces),
each providing distinct areas of functionality, with dependencies between the
namespaces kept to a minimum.

OVERLOADING

Overloading is another feature in C#. Overloading enables us to define multiple
procedures with the same name, where each procedure has a different set of
arguments. Besides using overloading for procedures, we can use it for constructors
and properties in a class.
MULTITHREADING:

C#.NET also supports multithreading. An application that supports
multithreading can handle multiple tasks simultaneously. We can use multithreading
to decrease the time taken by an application to respond to user interaction.

STRUCTURED EXCEPTION HANDLING

C#.NET supports structured exception handling, which enables us to detect and remove
errors at runtime. In C#.NET, we need to use Try...Catch...Finally statements to
create exception handlers. Using Try...Catch...Finally statements, we can create
robust and effective exception handlers to improve the performance of our
application.

THE .NET FRAMEWORK

The .NET Framework is a new computing platform that simplifies application
development in the highly distributed environment of the Internet.

OBJECTIVES OF .NET FRAMEWORK

1. To provide a consistent object-oriented programming environment whether
object code is stored and executed locally, Internet-distributed, or executed
remotely.

2. To provide a code-execution environment that minimizes software deployment and
guarantees safe execution of code.

3. To eliminate performance problems.

There are different types of application, such as Windows-based applications and
Web-based applications.
MICROSOFT SQL SERVER

Microsoft SQL Server is a relational database management system developed
by Microsoft. As a database, it is a software product whose primary function is to
store and retrieve data as requested by other software applications, be it those on the
same computer or those running on another computer across a network (including the
Internet). There are at least a dozen different editions of Microsoft SQL Server aimed
at different audiences and for workloads ranging from small single-machine
applications to large Internet-facing applications with many concurrent users. Its
primary query languages are T-SQL and ANSI SQL.

HISTORY:

GENESIS
Prior to version 7.0 the code base for MS SQL Server was sold by Sybase SQL
Server to Microsoft, and was Microsoft's entry to the enterprise-level database market,
competing against Oracle, IBM, and, later, Sybase. Microsoft, Sybase and Ashton-
Tate originally worked together to create and market the first version named SQL
Server 1.0 for OS/2 (about 1989) which was essentially the same as Sybase SQL
Server 3.0 on Unix, VMS, etc.

Since the release of SQL Server 2000, advances have been made in performance, the
client IDE tools, and several complementary systems that are packaged with SQL
Server 2005. These include:

an extract-transform-load (ETL) tool (SQL Server Integration Services or SSIS)
a Reporting Server
an OLAP and data mining server (Analysis Services)

Common Language Runtime (CLR) integration was introduced with this
version, enabling one to write SQL code as Managed Code by the CLR. For relational
data, T-SQL has been augmented with error handling features (try/catch) and support
for recursive queries with CTEs (Common Table Expressions). SQL Server 2005 has
also been enhanced with new indexing algorithms, syntax and better error recovery
systems.

FEATURES OF SQL SERVER:

The OLAP Services feature available in SQL Server version 7.0 is now called
SQL Server 2000 Analysis Services. The term OLAP Services has been replaced with
the term Analysis Services. Analysis Services also includes a new data mining
component. The Repository component available in SQL Server version 7.0 is now
called Microsoft SQL Server 2000 Meta Data Services. References to the component
now use the term Meta Data Services. The term repository is used only in reference to
the repository engine within Meta Data Services.

SQL-SERVER database consists of six types of objects,

They are,

1. TABLE

2. QUERY

3. FORM

4. REPORT

5. MACRO

TABLE:

A database is a collection of data about a specific topic.

VIEWS OF TABLE:

We can work with a table in two views,

1. Design View

2. Datasheet View
Design View

To build or modify the structure of a table we work in the table design view.
We can specify what kind of data will be held.

Datasheet View

To add, edit or analyse the data itself we work in the table's datasheet view mode.

QUERY:

A query is a question that has to be asked of the data. Access gathers data that
answers the question from one or more tables. The data that make up the answer is
either a dynaset (if you edit it) or a snapshot (it cannot be edited). Each time we run
a query, we get the latest information in the dynaset. Access either displays the dynaset or
snapshot for us to view or performs an action on it, such as deleting or updating.
CHAPTER 8

INPUT DESIGN AND OUTPUT DESIGN

INPUT DESIGN

The input design is the link between the information system and the user. It
comprises developing the specifications and procedures for data preparation and
the steps necessary to put transaction data into a usable form for
processing. This can be achieved by instructing the computer to read data from a
written or printed document, or it can occur by having people key the data
directly into the system. The design of input focuses on controlling the amount
of input required, controlling the errors, avoiding delay, avoiding extra steps
and keeping the process simple. The input is designed in such a way that it
provides security and ease of use while retaining privacy. Input design
considers the following things:

What data should be given as input?
How should the data be arranged or coded?
The dialog to guide the operating personnel in providing input.
Methods for preparing input validations and steps to follow when errors
occur.

OBJECTIVES

1. Input Design is the process of converting a user-oriented description of the
input into a computer-based system. This design is important to avoid errors in
the data input process and show the correct direction to the management for
getting correct information from the computerized system.

2. It is achieved by creating user-friendly screens for data entry to handle
large volumes of data. The goal of designing input is to make data entry easier
and free from errors. The data entry screen is designed in such a way that
all the data manipulations can be performed. It also provides record viewing
facilities.

3. When the data is entered it will be checked for validity. Data can be entered with
the help of screens. Appropriate messages are provided as and when needed so that
the user will not be left in a maze at any instant. Thus the objective of input
design is to create an input layout that is easy to follow.

OUTPUT DESIGN

A quality output is one which meets the requirements of the end user and
presents the information clearly. In any system, results of processing are
communicated to the users and to other systems through outputs. In output
design it is determined how the information is to be displayed for immediate
need and also the hard copy output. It is the most important and direct source
of information to the user. Efficient and intelligent output design improves the
system's relationship to help user decision-making.

1. Designing computer output should proceed in an organized, well thought out
manner; the right output must be developed while ensuring that each output
element is designed so that people will find the system easy to use
effectively. When analysts design computer output, they should identify the
specific output that is needed to meet the requirements.

2. Select methods for presenting information.

3. Create documents, reports, or other formats that contain information produced
by the system.

The output form of an information system should accomplish one or more of the
following objectives.

Convey information about past activities, current status or projections of
the future.
Signal important events, opportunities, problems, or warnings.
Trigger an action.
Confirm an action.
CHAPTER 9

SYSTEM DESIGN

ARCHITECTURE:

9.1 USE CASE DIAGRAM:

To model a system, the most important aspect is to capture the dynamic
behaviour. To clarify in a bit more detail, dynamic behaviour means the behaviour of the
system when it is running/operating. Static behaviour alone is not sufficient to
model a system; dynamic behaviour is more important than static behaviour.

In UML there are five diagrams available to model dynamic nature, and the use
case diagram is one of them. Since the use case diagram is
dynamic in nature, there should be some internal or external factors for making the
interaction. These internal and external agents are known as actors. So use case
diagrams consist of actors, use cases and their relationships.

The diagram is used to model the system/subsystem of an application. A single
use case diagram captures a particular functionality of a system. So to model the entire
system, a number of use case diagrams are used. A use case diagram at its simplest is a
representation of a user's interaction with the system, depicting the specifications
of a use case. A use case diagram can portray the different types of users of a system
and the use cases, and will often be accompanied by other types of diagrams as well.

Figure: use case diagram. Actors: Dataowner, user, domain, rootauthority, csp. Use cases: Register, Login, view file, request secret key, upload file, decrypt key, view authorised, request key details, view all user/owner.

9.2 CLASS DIAGRAM:

In software engineering, a class diagram in the Unified Modeling Language
(UML) is a type of static structure diagram that describes the structure of a
system by showing the system's classes, their attributes, operations (or
methods), and the relationships among the classes. It explains which class
contains information.
9.3 SEQUENCE DIAGRAM:

A sequence diagram in Unified Modeling Language (UML) is a kind of
interaction diagram that shows how processes operate with one another and in
what order. It is a construct of a Message Sequence Chart. Sequence diagrams
are sometimes called event diagrams, event scenarios, and timing diagrams.

Figure: sequence diagram. Lifelines: dataowner, user, domainauthority, root authority, csp. Messages: register, login, upload file, view file, search key, download file, view graph.

9.4 ACTIVITY DIAGRAM:

Activity diagrams are graphical representations of workflows of stepwise
activities and actions with support for choice, iteration and concurrency. In the
Unified Modeling Language, activity diagrams can be used to describe the
business and operational step-by-step workflows of components in a system. An
activity diagram shows the overall flow of control.

Figure: activity diagram. Swimlanes: CSP, DATAOWNER, USER, DOMAINAUTHORITY, RootAuthority. Activities include: Register, view file, view details, view request, view transaction, view user, view graph, request secret key, search file, view upload file, logout.

9.5 TABLE DESIGN


CHAPTER 10

SYSTEM STUDY
FEASIBILITY STUDY:

The feasibility of the project is analyzed in this phase and a business
proposal is put forth with a very general plan for the project and some cost
estimates. During system analysis the feasibility study of the proposed system is
to be carried out. This is to ensure that the proposed system is not a burden to
the company. For feasibility analysis, some understanding of the major
requirements for the system is essential.

Three key considerations involved in the feasibility analysis are

Economical feasibility

Technical feasibility

Social feasibility

ECONOMICAL FEASIBILITY:

This study is carried out to check the economic impact that the system
will have on the organization. The amount of fund that the company can pour
into the research and development of the system is limited. The expenditures
must be justified. Thus the developed system was well within the budget and this
was achieved because most of the technologies used are freely available. Only
the customized products had to be purchased.

TECHNICAL FEASIBILITY:

This study is carried out to check the technical feasibility, that is, the
technical requirements of the system. Any system developed must not have a
high demand on the available technical resources. This will lead to high
demands on the available technical resources. This will lead to high demands
being placed on the client. The developed system must have a modest
requirement, as only minimal or null changes are required for implementing this
system.

SOCIAL FEASIBILITY:

The aspect of study is to check the level of acceptance of the system by
the user. This includes the process of training the user to use the system
efficiently. The user must not feel threatened by the system, instead must accept
it as a necessity. The level of acceptance by the users solely depends on the
methods that are employed to educate the user about the system and to make
him familiar with it. His level of confidence must be raised so that he is also
able to make some constructive criticism, which is welcomed, as he is the final
user of the system.

CHAPTER 11
SYSTEM TESTING

The purpose of testing is to discover errors. Testing is the process of
trying to discover every conceivable fault or weakness in a work product. It
provides a way to check the functionality of components, sub assemblies,
assemblies and/or a finished product. It is the process of exercising software
with the intent of ensuring that the Software system meets its requirements and
user expectations and does not fail in an unacceptable manner. There are
various types of test. Each test type addresses a specific testing requirement.

TYPES OF TESTS:
The different types of testing are given below:

UNIT TESTING:

Unit testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program inputs produce valid
outputs. All decision branches and internal code flow should be validated. It is
the testing of individual software units of the application. It is done after the
completion of an individual unit, before integration.

This is structural testing that relies on knowledge of the unit's construction
and is invasive. Unit tests perform basic tests at component level and test a
specific business process, application, and/or system configuration. Unit tests
ensure that each unique path of a business process performs accurately to the
documented specifications and contains clearly defined inputs and expected
results.

INTEGRATION TESTING:
Integration tests are designed to test integrated software components to
determine if they actually run as one program. Testing is event driven and is
more concerned with the basic outcome of screens or fields. Integration tests
demonstrate that, although the components were individually satisfactory, as
shown by successful unit testing, the combination of components is correct
and consistent. Integration testing is specifically aimed at exposing the
problems that arise from the combination of components.

FUNCTIONAL TEST:
Functional tests provide systematic demonstrations that functions tested are
available as specified by the business and technical requirements, system
documentation, and user manuals.
Functional testing is centered on the following items:

Valid Input         : identified classes of valid input must be accepted.
Invalid Input       : identified classes of invalid input must be rejected.
Functions           : identified functions must be exercised.
Output              : identified classes of application outputs must be exercised.
Systems/Procedures  : interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements,
key functions, or special test cases. In addition, systematic coverage pertaining
to identified business process flows, data fields, predefined processes, and
successive processes must be considered for testing. Before functional testing is
complete, additional tests are identified and the effective value of current tests is
determined.

SYSTEM TEST:
System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable results.
An example of system testing is the configuration oriented system integration
test. System testing is based on process descriptions and flows, emphasizing
pre-driven process links and integration points.

WHITE BOX TESTING:


White Box Testing is testing in which the software tester has
knowledge of the inner workings, structure and language of the software, or at
least its purpose. It is used to test areas that cannot be reached
from a black box level.

BLACK BOX TESTING:
Black Box Testing is testing the software without any knowledge of the
inner workings, structure or language of the module being tested. Black box
tests, as most other kinds of tests, must be written from a definitive source
document, such as a specification or requirements document. It is testing in
which the software under test is treated as a black box: you cannot see into it.
The test provides inputs and responds to outputs without considering how the
software works.

UNIT TESTING:
Unit testing is usually conducted as part of a combined code and unit test
phase of the software lifecycle, although it is not uncommon for coding and unit
testing to be conducted as two distinct phases.
Test strategy and approach
Field testing will be performed manually and functional tests will be
written in detail.
Test objectives
All field entries must work properly.
Pages must be activated from the identified link.
The entry screen, messages and responses must not be delayed.
Features to be tested
Verify that the entries are of the correct format
No duplicate entries should be allowed
All links should take the user to the correct page.

INTEGRATION TESTING:
Software integration testing is the incremental integration testing of two
or more integrated software components on a single platform to produce failures
caused by interface defects.
The task of the integration test is to check that components or software
applications (e.g. components in a software system or, one step up, software
applications at the company level) interact without error.
Test Results: All the test cases mentioned above passed successfully. No
defects encountered.

ACCEPTANCE TESTING:
User Acceptance Testing is a critical phase of any project and requires
significant participation by the end user. It also ensures that the system meets
the functional requirements.
Test Results: All the test cases mentioned above passed successfully. No
defects encountered.

CHAPTER 12
FUTURE WORK

In further research, we intend to focus on making the CP-ABE algorithm
simpler and more efficient along with making it even more suitable for access
control in a cloud environment.

CHAPTER 13
SOURCE CODE

USERLOGIN

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;

public partial class _Default : System.Web.UI.Page
{
    SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
    SqlDataAdapter da;
    DataSet ds;

    protected void Page_Load(object sender, EventArgs e)
    {
        TextBox3.Focus();
        if (con.State == ConnectionState.Closed)
        {
            con.Open();
        }
    }

    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        if (TextBox3.Text != "" && TextBox4.Text != "")
        {
            // The submitted name and password are bound as parameters instead of
            // being concatenated into the SQL text.
            // The Password column is compared as stored, i.e. in plaintext.
            da = new SqlDataAdapter("select count(*) from UserRegister where Name=@name and Password=@password and status='Activate'", con);
            da.SelectCommand.Parameters.AddWithValue("@name", TextBox3.Text);
            da.SelectCommand.Parameters.AddWithValue("@password", TextBox4.Text);
            int n = Convert.ToInt32(da.SelectCommand.ExecuteScalar());
            if (n == 1)
            {
                da = new SqlDataAdapter("select Id from UserRegister where Name=@name and Password=@password", con);
                da.SelectCommand.Parameters.AddWithValue("@name", TextBox3.Text);
                da.SelectCommand.Parameters.AddWithValue("@password", TextBox4.Text);
                ds = new DataSet();
                da.Fill(ds, "UserRegister");
                // Check that the table exists before reading its rows.
                if (ds.Tables.Count > 0 && ds.Tables["UserRegister"].Rows.Count > 0)
                {
                    Session.Add("uid", ds.Tables["UserRegister"].Rows[0][0].ToString());
                    //Session["uid"] = uid;
                    Session["Nname"] = TextBox3.Text;
                    Response.Redirect("userlink.aspx");
                }
                else
                {
                    Label4.Text = "Invalid userid and password.";
                }
            }
            else
            {
                Label4.Text = "Invalid userid and password.Its Deactivated by Admin.Try Agian!.";
                TextBox3.Text = "";
            }
        }
    }

    protected void ImageButton2_Click(object sender, ImageClickEventArgs e)
    {
        Response.Redirect("userregister.aspx");
    }
}

USER REGISTER

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

public partial class Default2 : System.Web.UI.Page
{
    SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
    Class1 cs = new Class1();
    int id;
    string status = "Activate";

    protected void Page_Load(object sender, EventArgs e)
    {
        id = cs.idgeneration();
        Label12.Text = Convert.ToString(id);
    }

    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        con.Open();
        // Form fields are bound as parameters, in the same column order as the
        // original concatenated statement, instead of being pasted into the SQL text.
        SqlCommand cmd = new SqlCommand("insert into UserRegister values(@id,@v2,@v3,@v4,@v5,@v6,@v7,@v8,@status)", con);
        cmd.Parameters.AddWithValue("@id", Label12.Text);
        cmd.Parameters.AddWithValue("@v2", TextBox2.Text);
        cmd.Parameters.AddWithValue("@v3", TextBox3.Text);
        cmd.Parameters.AddWithValue("@v4", TextBox4.Text);
        cmd.Parameters.AddWithValue("@v5", TextBox5.Text);
        cmd.Parameters.AddWithValue("@v6", TextBox6.Text);
        cmd.Parameters.AddWithValue("@v7", TextBox7.Text);
        cmd.Parameters.AddWithValue("@v8", TextBox8.Text);
        cmd.Parameters.AddWithValue("@status", status);
        cmd.ExecuteNonQuery();
        con.Close();

        //Label8.Text = "";
        TextBox2.Text = "";
        TextBox3.Text = "";
        TextBox4.Text = "";
        TextBox5.Text = "";
        TextBox6.Text = "";
        TextBox7.Text = "";
        TextBox8.Text = "";
        //TextBox9.Text = "";
        //DropDownList1.Text = "";
        //Label10.Text = "register successfully";
        // RegisterStartupScript("msg", "<script>alert('Registered Successfully...!')</script>");
        RegisterStartupScript("msg", "<script>alert(' Register successfully')</script>");
        //Response.Redirect("home.aspx");
    }
}

USERDETAILS

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.Collections.Generic;
using System.Data.OleDb;
using System.Web.SessionState;

public partial class Default2 : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    protected void download_Click(object sender, EventArgs e)
    {
        LinkButton lnkbtn = sender as LinkButton;
        GridViewRow gvrow = lnkbtn.NamingContainer as GridViewRow;
        int id = Convert.ToInt32(GridView2.DataKeys[gvrow.RowIndex].Value.ToString());
        //string name, type;
        using (SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]))
        {
            // The command text is assigned below; the connection string is not a command.
            using (SqlCommand cmd = new SqlCommand())
            {
                cmd.CommandText = "select id,title,filename,providerlocation,filetype,filedata from upload where id=@id";
                cmd.Parameters.AddWithValue("@id", id);
                cmd.Connection = con;
                con.Open();
                SqlDataReader dr = cmd.ExecuteReader();
                if (dr.Read())
                {
                    // Stream the stored file back to the browser as an attachment.
                    Response.ContentType = dr["FileType"].ToString();
                    Response.AddHeader("Content-Disposition", "attachment;filename=\"" + dr["fileName"] + "\" ");
                    Response.BinaryWrite((byte[])dr["fileData"]);
                    Response.End();
                }
            }
        }
    }
}

SEARCH

using System;
using System.Collections.Generic;
using System.Linq;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.IO;
using System.Net;
using System.Net.Mail;

public partial class Default2 : System.Web.UI.Page
{
    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        SqlConnection Con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
        if (TextBox1.Text != null)
        {
            try
            {
                SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
                // The search term is bound as a parameter instead of being
                // concatenated into the SQL text.
                SqlDataAdapter da = new SqlDataAdapter("select id,title,filename,providerlocation from upload where filename=@filename", con);
                da.SelectCommand.Parameters.AddWithValue("@filename", TextBox1.Text);
                DataSet ds = new DataSet();
                da.Fill(ds);
                if (ds.Tables[0].Rows.Count <= 0)
                {
                    Label10.Visible = false;
                    Label10.Text = "NO RECORDS AVAILABLE";
                }
                GridView2.DataSource = ds;
                GridView2.DataBind();
            }
            catch (Exception ex)
            {
                Label10.Visible = false;
                Label10.Text = "Error --> " + ex.Message;
            }
        }
    }

    protected void download_Click(object sender, EventArgs e)
    {
        LinkButton lnkbtn = sender as LinkButton;
        GridViewRow gvrow = lnkbtn.NamingContainer as GridViewRow;
        int id = Convert.ToInt32(GridView2.DataKeys[gvrow.RowIndex].Value.ToString());
        //string name, type;
        using (SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]))
        {
            // The command text is assigned below; the connection string is not a command.
            using (SqlCommand cmd = new SqlCommand())
            {
                cmd.CommandText = "select id,title,filename,providerlocation,filetype,filedata from upload where id=@id";
                cmd.Parameters.AddWithValue("@id", id);
                cmd.Connection = con;
                con.Open();
                SqlDataReader dr = cmd.ExecuteReader();
                if (dr.Read())
                {
                    // Stream the stored file back to the browser as an attachment.
                    Response.ContentType = dr["FileType"].ToString();
                    Response.AddHeader("Content-Disposition", "attachment;filename=\"" + dr["FileName"] + "\" ");
                    Response.BinaryWrite((byte[])dr["FileData"]);
                    Response.End();
                }
            }
        }
    }
}

OWNERLOGIN

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.IO;
using System.Net;
using System.Net.Mail;

public partial class Default2 : System.Web.UI.Page
{
    SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
    string name, pass, yes;

    protected void Page_Load(object sender, EventArgs e)
    {
    }

    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        if (TextBox1.Text == "")
        {
            string myStringVariable1 = string.Empty;
            myStringVariable1 = "Enter Owner Name";
            ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
        }
        else
        {
            if (TextBox2.Text == "")
            {
                string myStringVariable1 = string.Empty;
                myStringVariable1 = "Enter Owner Password";
                ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
            }
            else
            {
                // Every row of OwnerRegister is loaded and compared in memory with
                // the submitted name and password (stored in plaintext).
                SqlDataAdapter adp = new SqlDataAdapter("select * from OwnerRegister", con);
                DataSet ds = new DataSet();
                adp.Fill(ds);
                for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
                {
                    name = ds.Tables[0].Rows[i]["Username"].ToString();
                    pass = ds.Tables[0].Rows[i]["Password"].ToString();
                    if (TextBox1.Text == name && TextBox2.Text == pass)
                    {
                        yes = "yes";
                    }
                }
                if (yes == "yes")
                {
                    Session["OwnerName"] = TextBox1.Text;
                    //Response.Redirect("fileupload.aspx");
                    Response.Redirect("ownerlink.aspx");
                    //Panel2.Visible = true;
                    //this.Button1.Attributes.Add("onclick", "javascript:return OpenPopup()");
                    //onClick="genericPopup(this.href,300,300,no)"
                    //Response.Write("<script>window.close()</script>");
                }
                else
                {
                    string myStringVariable1 = string.Empty;
                    myStringVariable1 = "Enter OwnerName/Password Correctly.";
                    ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
                }
            }
        }
    }

    protected void ImageButton2_Click1(object sender, ImageClickEventArgs e)
    {
        Response.Redirect("ownerreg.aspx");
    }
}

OWNERREGISTER

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

public partial class Default2 : System.Web.UI.Page
{
    SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
    Class1 cs = new Class1();
    int id;
    //string status = "authorized";

    protected void Page_Load(object sender, EventArgs e)
    {
        id = cs.idgeneration1();
        Label8.Text = Convert.ToString(id);
    }

    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        con.Open();
        // Form fields are bound as parameters, in the same column order as the
        // original concatenated statement, instead of being pasted into the SQL text.
        SqlCommand cmd = new SqlCommand("insert into OwnerRegister values(@id,@v1,@v2,@v7,@v8,@v9,@v10,@list)", con);
        cmd.Parameters.AddWithValue("@id", Label8.Text);
        cmd.Parameters.AddWithValue("@v1", TextBox1.Text);
        cmd.Parameters.AddWithValue("@v2", TextBox2.Text);
        cmd.Parameters.AddWithValue("@v7", TextBox7.Text);
        cmd.Parameters.AddWithValue("@v8", TextBox8.Text);
        cmd.Parameters.AddWithValue("@v9", TextBox9.Text);
        cmd.Parameters.AddWithValue("@v10", TextBox10.Text);
        cmd.Parameters.AddWithValue("@list", DropDownList2.Text);
        cmd.ExecuteNonQuery();
        con.Close();

        Label8.Text = "";
        TextBox1.Text = "";
        TextBox2.Text = "";
        TextBox7.Text = "";
        TextBox8.Text = "";
        TextBox9.Text = "";
        TextBox10.Text = "";
        DropDownList2.Text = "";
        //Label10.Text = "register successfully";
        // RegisterStartupScript("msg", "<script>alert('Registered Successfully...!')</script>");
        RegisterStartupScript("msg", "<script>alert(' Register successfully')</script>");
        //Response.Redirect("home.aspx");
    }
}

UPLOADKEY

using System;
using System.Collections.Generic;
using System.Linq;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.IO;
using System.Net;
using System.Net.Mail;

public partial class Default2 : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        using (SqlConnection Con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]))
        {
            try
            {
                Con.Open();
                // Look for an existing row before inserting.
                SqlCommand cmd1 = new SqlCommand("select * from upload where filename = @filename", Con);
                cmd1.Parameters.Add("@filename", SqlDbType.VarChar, 50).Value = TextBox2.Text;
                SqlDataReader dr1 = cmd1.ExecuteReader();
                if (dr1.Read())
                {
                    //lblmsg.Visible = true;
                    //lblmsg.Text = "Document already exist";
                }
                else
                {
                    //INSERT TO TABLE
                    string filename = Path.GetFileName(FileUpload1.PostedFile.FileName);
                    if (filename == "")
                    {
                        // lblmsg.Visible = true;
                        // lblmsg.Text = "select the file name";
                    }
                    else
                    {
                        //Random key generation
                        //Random val = new Random();
                        //int rno = val.Next(123, 1000);
                        //message = Convert.ToString(rno);

                        // Read the whole posted file into memory.
                        Stream str = FileUpload1.PostedFile.InputStream;
                        BinaryReader br = new BinaryReader(str);
                        Byte[] size = br.ReadBytes((int)str.Length);

                        //upload count
                        // var Count = document.getElementById('FileUpload2').files.length;
                        // if(Count > 10) // Selected images with in 10 count
                        // {
                        //alert("Please select only 10 images..!!!");
                        //return false;
                        // }
                        // else if(Count <= 0) // Selected atleast 1 image check
                        // {
                        //alert("Please select atleat 1 image..!!!");
                        //return false;
                        // }
                        //return true; // Good to go
                        //}

                        using (SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]))
                        {
                            using (SqlCommand cmd = new SqlCommand())
                            {
                                // cmd.CommandText = "insert into upload(id,fileid,name,title,date,filename,filetype,filedata) values(@id,@fileid,@name,@title,@date,@filename,@filetype,@filedata)";
                                cmd.CommandText = "insert into upload(id,title,filename,providerlocation,filetype,filedata) values(@id,@title,@filename,@providerlocation,@filetype,@filedata)";
                                cmd.Parameters.AddWithValue("@id", TextBox3.Text);
                                cmd.Parameters.AddWithValue("@title", TextBox2.Text);
                                //cmd.Parameters.AddWithValue("@filetitle", DropDownList1.Text);
                                //cmd.Parameters.AddWithValue("@cash", TextBox2.Text);
                                //cmd.Parameters.AddWithValue("@title", TextBox3.Text);
                                cmd.Parameters.AddWithValue("@filename", filename);
                                cmd.Parameters.AddWithValue("@providerlocation", TextBox1.Text);
                                cmd.Parameters.AddWithValue("@filetype", "application/word");
                                cmd.Parameters.AddWithValue("@filedata", size);
                                //cmd.Parameters.AddWithValue("@count", count);
                                //cmd.Parameters.AddWithValue("@securitykey", TextBox2.Text);
                                cmd.Connection = con;
                                con.Open();
                                cmd.ExecuteNonQuery();
                                con.Close();
                                Label7.Visible = true;
                                Label7.Text = "File Uploaded Successfully";
                            }
                        }
                    }
                }
                dr1.Close();
            }
            catch (Exception ex)
            {
                Label7.Visible = true;
                Label7.Text = "Error --> " + ex.Message;
            }
            finally
            {
                Con.Close();
            }
        }
    }

    protected void LinkButton1_Click(object sender, EventArgs e)
    {
        // Response.Redirect("download.aspx");
    }
}

REQUESTKEY

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class _Default : System.Web.UI.Page
{
    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        // The requested file name and the requesting user name are kept in the session.
        Session["FILENAME"] = DropDownList1.Text;
        Session["USERNAME"] = TextBox1.Text;
        Label3.Text = "Send successfully";
    }
}

DOMAINLOGIN

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.IO;
using System.Net;
using System.Net.Mail;

public partial class _Default : System.Web.UI.Page
{
    SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
    string name, pass, yes;

    protected void Page_Load(object sender, EventArgs e)
    {
    }

    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        if (TextBox8.Text == "")
        {
            string myStringVariable1 = string.Empty;
            myStringVariable1 = "Enter Owner Name";
            ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
        }
        else
        {
            if (TextBox9.Text == "")
            {
                string myStringVariable1 = string.Empty;
                myStringVariable1 = "Enter Owner Password";
                ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
            }
            else
            {
                // Every row of DomainRegister is loaded and compared in memory with
                // the submitted name and password (stored in plaintext).
                SqlDataAdapter adp = new SqlDataAdapter("select * from DomainRegister", con);
                DataSet ds = new DataSet();
                adp.Fill(ds);
                for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
                {
                    name = ds.Tables[0].Rows[i]["Username"].ToString();
                    pass = ds.Tables[0].Rows[i]["Password"].ToString();
                    if (TextBox8.Text == name && TextBox9.Text == pass)
                    {
                        yes = "yes";
                    }
                }
                if (yes == "yes")
                {
                    Session["DomainName"] = TextBox8.Text;
                    //Response.Redirect("fileupload.aspx");
                    Response.Redirect("domainlink.aspx");
                    //Panel2.Visible = true;
                    //this.Button1.Attributes.Add("onclick", "javascript:return OpenPopup()");
                    //onClick="genericPopup(this.href,300,300,no)"
                    //Response.Write("<script>window.close()</script>");
                }
                else
                {
                    string myStringVariable1 = string.Empty;
                    myStringVariable1 = "Enter OwnerName/Password Correctly.";
                    ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
                }
            }
        }
    }

    protected void ImageButton2_Click(object sender, ImageClickEventArgs e)
    {
        Response.Redirect("domainreg.aspx");
    }
}

DOMAIN REGISTER

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

public partial class Default2 : System.Web.UI.Page
{
    SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
    Class1 cs = new Class1();
    //int id;
    // string status = "authorized";

    protected void Page_Load(object sender, EventArgs e)
    {
    }

    protected void ImageButton2_Click(object sender, ImageClickEventArgs e)
    {
        con.Open();
        // Form fields are bound as parameters, in the same column order as the
        // original concatenated statement, instead of being pasted into the SQL text.
        SqlCommand cmd = new SqlCommand("insert into DomainRegister values(@v1,@v2,@v3,@v4,@v5,@v6,@v7)", con);
        cmd.Parameters.AddWithValue("@v1", TextBox1.Text);
        cmd.Parameters.AddWithValue("@v2", TextBox2.Text);
        cmd.Parameters.AddWithValue("@v3", TextBox3.Text);
        cmd.Parameters.AddWithValue("@v4", TextBox4.Text);
        cmd.Parameters.AddWithValue("@v5", TextBox5.Text);
        cmd.Parameters.AddWithValue("@v6", TextBox6.Text);
        cmd.Parameters.AddWithValue("@v7", TextBox7.Text);
        cmd.ExecuteNonQuery();
        con.Close();

        //Label8.Text = "";
        TextBox1.Text = "";
        TextBox2.Text = "";
        TextBox3.Text = "";
        TextBox4.Text = "";
        TextBox5.Text = "";
        TextBox6.Text = "";
        TextBox7.Text = "";
        //DropDownList1.Text = "";
        //Label10.Text = "register successfully";
        // RegisterStartupScript("msg", "<script>alert('Registered Successfully...!')</script>");
        RegisterStartupScript("msg", "<script>alert(' Register successfully')</script>");
        //Response.Redirect("home.aspx");
    }
}

VIEWKEY

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.IO;
using System.Net;
using System.Net.Mail;

public partial class Default2 : System.Web.UI.Page
{
    SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
    string mobile = "";
    int userid;
    // The mail account and SMS gateway credentials are read from configuration
    // instead of being written into the page source. The AppSettings key names
    // used here (MailId, MailPassword, SmsUser, SmsPassword) are assumed names.
    string mailid = ConfigurationManager.AppSettings["MailId"];
    string pwd = ConfigurationManager.AppSettings["MailPassword"];
    string smsUser = ConfigurationManager.AppSettings["SmsUser"];
    string smsPassword = ConfigurationManager.AppSettings["SmsPassword"];
    string subject = "Secure Data Key", message, name;
    Class1 cs = new Class1();

    protected void Page_Load(object sender, EventArgs e)
    {
        TextBox1.Text = Session["FILENAME"].ToString();
        TextBox2.Text = Session["USERNAME"].ToString();
    }

    protected void LinkButton1_Click(object sender, EventArgs e)
    {
        // The key is "ABS" followed by a five-digit number from System.Random.
        Random val = new Random();
        int rno = val.Next(12345, 54321);
        TextBox3.Text = "ABS" + Convert.ToString(rno);
    }

    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        //Session["ID"] = Label6.Text;
        Session["FILENAME"] = TextBox1.Text;
        Session["USERNAME"] = TextBox2.Text;
        Session["KEY"] = TextBox3.Text;
        //Label4.Text = "Send successfully";

        con.Open();
        // All values are bound as parameters instead of being concatenated into the SQL text.
        SqlCommand cmd = new SqlCommand("insert into secerate values(@filename,@username,@key)", con);
        cmd.Parameters.AddWithValue("@filename", TextBox1.Text);
        cmd.Parameters.AddWithValue("@username", TextBox2.Text);
        cmd.Parameters.AddWithValue("@key", TextBox3.Text);
        cmd.ExecuteNonQuery();

        // The original looked up MailId with the never-assigned field "name";
        // the user name from TextBox2 is used, as in the Contactno lookup.
        SqlCommand com1 = new SqlCommand("select MailId from UserRegister where name=@name", con);
        com1.Parameters.AddWithValue("@name", TextBox2.Text);
        string email = Convert.ToString(com1.ExecuteScalar());

        SqlCommand com2 = new SqlCommand("select Contactno from UserRegister where name=@name", con);
        com2.Parameters.AddWithValue("@name", TextBox2.Text);
        mobile = Convert.ToString(com2.ExecuteScalar());
        con.Close();

        try
        {
            // Send the key to the user's mobile number through the SMS gateway.
            // Query-string values are URL-encoded.
            WebClient client = new WebClient();
            string baseurl = "http://bulksms.mysmsmantra.com:8080/WebSMS/SMSAPI.jsp?username=" + Uri.EscapeDataString(smsUser)
                + "&password=" + Uri.EscapeDataString(smsPassword)
                + "&sendername=micinf&mobileno=" + Uri.EscapeDataString(mobile)
                + "&message=" + Uri.EscapeDataString(TextBox3.Text);
            Stream data = client.OpenRead(baseurl);
            StreamReader reader = new StreamReader(data);
            string s = reader.ReadToEnd();
            data.Close();
            reader.Close();
            // Label2.Text = "sent";
        }
        catch (Exception ex)
        {
            // lblMsg.Visible = true;
            //Label2.Text = "Error --> " + ex.Message;
        }
        Response.Redirect("otp.aspx");
        RegisterStartupScript("msg", "<script>alert('Key Send Your Mobile Successfully')</script>");
    }

    private void sendemail(string to)
    {
        try
        {
            message = "<hr><br>" + "Secret Key:" + TextBox3.Text + "<br><br>";
            //message = "<hr><br>" + "user name:" + DropDownList2.SelectedItem.Text + "<br><br>";
            NetworkCredential loginInformation = new NetworkCredential(mailid, pwd);
            MailMessage msg = new MailMessage();
            msg.From = new MailAddress(mailid);
            msg.To.Add(new MailAddress(to));
            msg.Subject = subject;
            msg.Body = message;
            msg.IsBodyHtml = true;
            SmtpClient client = new SmtpClient("smtp.gmail.com");
            client.EnableSsl = true;
            client.UseDefaultCredentials = false;
            client.Credentials = loginInformation;
            client.Send(msg);
        }
        catch
        {
            //RegisterStartupScript("msg", "<script>alert(' service provider send to usermail get key')</script>");
        }
    }

    private void sendmobile(string to)
    {
        try
        {
        }
        catch (Exception ex)
        {
            // lblMsg.Visible = true;
            //Label2.Text = "Error --> " + ex.Message;
        }
    }
}
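The VIEWKEY listing above builds its file key as "ABS" followed by a five-digit number taken from System.Random and stores the key itself in the secerate table. The following is an added example, not part of the original project, of issuing such a key from a cryptographic random source and accepting it only once, within a time limit and a retry limit. The FileKeyStore class, its in-memory dictionary standing in for the key table, and the sample file and user names are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

// Added example (not from the original project): one-time file access keys.
public sealed class FileKeyStore
{
    // 32 symbols, so a random byte maps onto the alphabet without modulo bias.
    const string Alphabet = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789";
    const int KeyLength = 12;   // 12 symbols x 5 bits = 60 bits of randomness
    const int MaxAttempts = 5;  // wrong guesses tolerated before the key is revoked
    static readonly TimeSpan Lifetime = TimeSpan.FromMinutes(10);

    sealed class Entry
    {
        public byte[] KeyHash;
        public DateTime ExpiresUtc;
        public int FailedAttempts;
    }

    // Stand-in for the key table; only a hash of each key is kept.
    readonly Dictionary<string, Entry> entries = new Dictionary<string, Entry>();

    static string Slot(string fileName, string userName)
    {
        return fileName + "\n" + userName;
    }

    static byte[] Hash(string key)
    {
        using (SHA256 sha = SHA256.Create())
            return sha.ComputeHash(Encoding.UTF8.GetBytes(key));
    }

    static string NewKey()
    {
        byte[] raw = new byte[KeyLength];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
            rng.GetBytes(raw);
        StringBuilder sb = new StringBuilder(KeyLength);
        foreach (byte b in raw)
            sb.Append(Alphabet[b % Alphabet.Length]);
        return sb.ToString();
    }

    // Compares every byte so the running time does not depend on where the inputs differ.
    static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }

    // Issues a fresh key for (file, user); an earlier key for the same pair is replaced.
    public string Issue(string fileName, string userName, DateTime nowUtc)
    {
        string key = NewKey();
        entries[Slot(fileName, userName)] =
            new Entry { KeyHash = Hash(key), ExpiresUtc = nowUtc + Lifetime };
        return key;
    }

    // Returns true once for the correct key; expired, replayed or locked-out keys fail.
    public bool Redeem(string fileName, string userName, string presented, DateTime nowUtc)
    {
        string slot = Slot(fileName, userName);
        Entry entry;
        if (!entries.TryGetValue(slot, out entry)) return false;
        if (nowUtc > entry.ExpiresUtc || entry.FailedAttempts >= MaxAttempts)
        {
            entries.Remove(slot);
            return false;
        }
        if (!FixedTimeEquals(entry.KeyHash, Hash(presented ?? "")))
        {
            entry.FailedAttempts++;
            return false;
        }
        entries.Remove(slot);   // single use
        return true;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample data: file name, user name and timestamps.
        FileKeyStore store = new FileKeyStore();
        DateTime t0 = new DateTime(2024, 1, 1, 12, 0, 0, DateTimeKind.Utc);

        string key = store.Issue("report.docx", "alice", t0);
        Console.WriteLine("key length: " + key.Length);
        Console.WriteLine("wrong key:  " + store.Redeem("report.docx", "alice", "ABS12345", t0));
        Console.WriteLine("right key:  " + store.Redeem("report.docx", "alice", key, t0.AddMinutes(1)));
        Console.WriteLine("replay:     " + store.Redeem("report.docx", "alice", key, t0.AddMinutes(2)));

        string late = store.Issue("report.docx", "alice", t0);
        Console.WriteLine("expired:    " + store.Redeem("report.docx", "alice", late, t0.AddMinutes(11)));
    }
}
```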

AUTHORIZEUSER

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;

public partial class Default2 : System.Web.UI.Page
{
    SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
    SqlDataAdapter da;
    DataSet ds;

    protected void Page_Load(object sender, EventArgs e)
    {
        if (con.State == ConnectionState.Closed)
        {
            con.Open();
        }
        if (Page.IsPostBack != true)
        {
            Getcustomers();
        }
    }

    // Loads all registered users and their status into the grid.
    private void Getcustomers()
    {
        da = new SqlDataAdapter("select Id,Name,status from UserRegister", con);
        ds = new DataSet();
        da.Fill(ds, "UserRegister");
        GridView1.DataSource = ds.Tables["UserRegister"].DefaultView;
        GridView1.DataBind();
    }

    protected void GridView1_PageIndexChanging(object sender, GridViewPageEventArgs e)
    {
        GridView1.PageIndex = e.NewPageIndex;
        Getcustomers();
    }

    protected void GridView1_RowCommand(object sender, GridViewCommandEventArgs e)
    {
        if (e.CommandName == "Artist")
        {
            // The row id is converted to an integer before it is placed in the SQL text.
            da = new SqlDataAdapter("select status from UserRegister where Id=" + Convert.ToInt32(e.CommandArgument.ToString()) + " ", con);
            //da = new SqlDataAdapter("select status from UserRegister where Id=" + Convert.ToInt32(e.CommandArgument.ToString()) + " ", con);
            ds = new DataSet();
            da.Fill(ds, "UserRegister");
            if (ds.Tables.Count > 0 && ds.Tables["UserRegister"].Rows.Count > 0)
            {
                // Toggle the account between Activate and Deactivate.
                if (ds.Tables["UserRegister"].Rows[0][0].ToString() == "Activate")
                {
                    da = new SqlDataAdapter("update UserRegister set status='Deactivate' where Id=" + Convert.ToInt32(e.CommandArgument.ToString()) + " ", con);
                    int n = da.SelectCommand.ExecuteNonQuery();
                    if (n == 1)
                    {
                        Getcustomers();
                    }
                }
                else if (ds.Tables["UserRegister"].Rows[0][0].ToString() == "Deactivate")
                {
                    da = new SqlDataAdapter("update UserRegister set status='Activate' where Id=" + Convert.ToInt32(e.CommandArgument.ToString()) + " ", con);
                    int n = da.SelectCommand.ExecuteNonQuery();
                    if (n == 1)
                    {
                        Getcustomers();
                    }
                }
            }
        }
    }

    protected void GridView1_RowDeleting(object sender, GridViewDeleteEventArgs e)
    {
        Label uid = new Label();
        uid = (Label)GridView1.Rows[e.RowIndex].Cells[1].FindControl("Id");
        if (uid.Text != "")
        {
            da = new SqlDataAdapter("delete from UserRegister where Id=" + Convert.ToInt32(uid.Text) + " ", con);
            int res = da.SelectCommand.ExecuteNonQuery();
            if (res == 1)
            {
                Getcustomers();
            }
        }
    }
}

ROOT LOGIN

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        if (TextBox3.Text == "")
        {
            string myStringVariable1 = string.Empty;
            myStringVariable1 = "Enter Admin ID";
            ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
        }
        else
        {
            // The password box is TextBox4; the original tested TextBox3 a second time.
            if (TextBox4.Text == "")
            {
                string myStringVariable1 = string.Empty;
                myStringVariable1 = "Enter Admin Password";
                ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
            }
            else
            {
                // The administrator ID and password are compared against fixed literals.
                if (TextBox3.Text == "root" && TextBox4.Text == "root")
                {
                    Session["adminid"] = TextBox3.Text;
                    Response.Redirect("rootlink.aspx");
                }
                else
                {
                    string myStringVariable1 = string.Empty;
                    myStringVariable1 = "Enter ID/Password Correctly.";
                    ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
                }
            }
        }
    }
}

ROOTGRAPH

using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Web.UI.DataVisualization.Charting;

public partial class Default2 : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        DataSet ds = new DataSet("upload");
        SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
        SqlDataAdapter dataAdapter = new SqlDataAdapter("Select * from upload", con);
        con.Open();
        dataAdapter.Fill(ds);
        con.Close();
        if (ds.Tables[0].Rows.Count > 0)
        {
            // One chart point per uploaded file: the value is the file id, the label is the file name.
            for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
            {
                Chart1.Series["id"].Points.Add(new DataPoint(i, ds.Tables[0].Rows[i]["id"].ToString().Trim()));
                //Chart1.Series["title"].Points.Add(new DataPoint(i, ds.Tables[0].Rows[i]["title"].ToString().Trim()));
                //Chart1.Series[""].Points.Add(new DataPoint(i, ds.Tables[0].Rows[i]["performance_Sem3"].ToString().Trim()));
                //Chart1.Series["performance_Sem4"].Points.Add(new DataPoint(i, ds.Tables[0].Rows[i]["performance_Sem4"].ToString().Trim()));
                //Chart1.Series["performance_Sem5"].Points.Add(new DataPoint(i, ds.Tables[0].Rows[i]["performance_Sem5"].ToString().Trim()));
                //Chart1.Series["performance_Sem6"].Points.Add(new DataPoint(i, ds.Tables[0].Rows[i]["performance_Sem6"].ToString().Trim()));
                Chart1.Series[0].Points[i].AxisLabel = ds.Tables[0].Rows[i]["filename"].ToString().Trim();
            }
        }
    }

    protected void Chart1_Load(object sender, EventArgs e)
    {
    }
}

CSPLOGIN

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        if (TextBox1.Text == "")
        {
            string myStringVariable1 = "Enter Admin ID";
            ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
        }
        else if (TextBox2.Text == "")
        {
            string myStringVariable1 = "Enter Admin Password";
            ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
        }
        else if (TextBox1.Text == "csp" && TextBox2.Text == "csp")
        {
            // ID and password are compared with literals compiled into the page.
            Session["adminid"] = TextBox1.Text;
            Response.Redirect("csplink.aspx");
        }
        else
        {
            string myStringVariable1 = "Enter ID/Password Correctly.";
            ClientScript.RegisterStartupScript(this.GetType(), "myalert", "alert('" + myStringVariable1 + "');", true);
        }
    }
}
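
The ROOT and CSP login handlers above compare the submitted ID and password with string literals ("root"/"root", "csp"/"csp"), and the graph pages run their query without checking Session["adminid"]. The following is an added example, not part of the original project, of the same check made against a salted PBKDF2 hash held in configuration, plus a session guard for the graph pages; the class name AdminAuth, the AppSettings keys AdminId, AdminSalt and AdminHash, and the iteration count are assumptions.

```csharp
using System;
using System.Configuration;
using System.Security.Cryptography;
using System.Web;

// Added example. AdminAuth and the AppSettings keys AdminId, AdminSalt and
// AdminHash (Base64 values) are assumptions, not part of the original project.
public static class AdminAuth
{
    private const int Iterations = 100000; // PBKDF2 work factor (assumed value)

    // Derive a 32-byte PBKDF2 key from the submitted password and the stored salt.
    private static byte[] Derive(string password, byte[] salt)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations))
        {
            return kdf.GetBytes(32);
        }
    }

    // Compare every byte before answering, so timing does not reveal
    // the position of the first mismatch.
    private static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++)
        {
            diff |= a[i] ^ b[i];
        }
        return diff == 0;
    }

    // Stands in for: TextBox1.Text == "csp" && TextBox2.Text == "csp"
    public static bool Verify(string id, string password)
    {
        byte[] salt = Convert.FromBase64String(ConfigurationManager.AppSettings["AdminSalt"]);
        byte[] expected = Convert.FromBase64String(ConfigurationManager.AppSettings["AdminHash"]);
        bool idOk = string.Equals(id, ConfigurationManager.AppSettings["AdminId"], StringComparison.Ordinal);
        bool pwOk = FixedTimeEquals(Derive(password ?? string.Empty, salt), expected);
        return idOk & pwOk; // the hash is computed whether or not the ID matched
    }

    // Call first in Page_Load of an admin-only page (for example the graph pages).
    public static void RequireAdmin(HttpContext ctx, string loginPage)
    {
        if (ctx.Session == null || ctx.Session["adminid"] == null)
        {
            ctx.Response.Redirect(loginPage, true); // true ends the response here
        }
    }
}
```

In the click handler the credential branch becomes `else if (AdminAuth.Verify(TextBox1.Text, TextBox2.Text))`, and the stored hash must be generated with the same salt and iteration count.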

CSP GRAPH

using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Web.UI.DataVisualization.Charting;

public partial class Default2 : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        // Load every row of the upload table into a DataSet.
        DataSet ds = new DataSet("upload");
        SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
        SqlDataAdapter dataAdapter = new SqlDataAdapter("Select * from upload", con);
        con.Open();
        dataAdapter.Fill(ds);
        con.Close();

        if (ds.Tables[0].Rows.Count > 0)
        {
            for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
            {
                // One chart point per row: the id column is the Y value.
                Chart1.Series["id"].Points.Add(new DataPoint(i, ds.Tables[0].Rows[i]["id"].ToString().Trim()));

                // Label the point on the axis with the provider location.
                Chart1.Series[0].Points[i].AxisLabel = ds.Tables[0].Rows[i]["providerlocation"].ToString().Trim();
            }
        }
    }
}

SCREEN SHOTS

HOME SCREEN:
OWNER LOGIN:
DOMAIN REGISTER:
USER LOGIN:
USER PROFILES:
KEY DETAILS:
SEARCH QUERY:
OWNER PROFILES:
UPLOAD FILES:
REQUEST SECRET KEY:
DATA OWNER PROFILES:
ROOT LOGIN:
DOMAIN AUTHORITY DETAILS:
FILES PERFORMANCE (GRAPH):
CSP LOGIN:
CSP GRAPH:

CHAPTER 14

CONCLUSION

The proposed scheme adopts CP-ABE with constant-size ciphertext that solves
the problem of the ciphertext size depending linearly on the number of attributes.
Our scheme can maintain the size of ciphertext and the computation of
encryption and decryption at a constant value. Therefore, the scheme can
improve the efficiency of the system. We have performed some numerical
simulation and the testing results are coincident with the theoretical analysis. In
addition, we prove the scheme is of CCA2 security under the decisional
q-Bilinear Diffie-Hellman Exponent assumption. Finally, we also demonstrate an
application model in a Hadoop distributed cloud environment. This shows our
scheme has good adaptability and scalability in cloud computing. In further
research, we intend to focus on making the CP-ABE algorithm simpler and
more efficient along with making it even more suitable for access control in a
cloud environment.