Professional Documents
Culture Documents
A PROJECT REPORT
in the partial fulfillment for the award of the degree
of
BACHELOR OF TECHNOLOGY
in
INFORMATION TECHNOLOGY
MAY 2013
BONAFIDE CERTIFICATE
ABSTRACT
Cloud computing has emerged as one of the most influential paradigms in the IT
industry in recent years. Since this new computing technology requires users to entrust
their valuable data to cloud providers, there have been increasing security and privacy
concerns on outsourced data. Several schemes employing attribute-based encryption
(ABE) have been proposed for access control of outsourced data in cloud computing;
however, most of them suffer from inflexibility in implementing complex access control
policies. In order to realize scalable, flexible, and fine-grained access control of
outsourced data in cloud computing, in this paper, we propose hierarchical attribute-setbased encryption (HASBE) by extending ciphertext-policy attribute-set-based encryption
(ASBE) with a hierarchical structure of users. The proposed scheme not only achieves
scalability due to its hierarchical structure, but also inherits flexibility and fine-grained
access control in supporting compound attributes of ASBE. In addition, HASBE employs
multiple value assignments for access expiration time to deal with user revocation more
efficiently than existing schemes.
We formally prove the security of HASBE based on security of the ciphertextpolicy attribute-based encryption (CP-ABE) scheme by Bethencourt et al. and analyze its
performance and computational complexity. We implement our scheme and show that it
is both efficient and flexible in dealing with access control for outsourced data in cloud
computing with comprehensive experiments.
10
TABLE OF CONTENTS
CHAPTER
TITLE
PAGE NO.
LIST OF FIGURES
ii
LIST OF ABBREVATIONS
iii
INTRODUCTION
1.1 About the Project
08
SYSTEM ANALYSIS
2.1 Existing system
09
09
10
REQUIREMENTS SPECIFICATION
3.1 Introduction
12
12
13
3.4Technologies Used
3.4.1 Java
13
13
13
15
SYSTEM DESIGN
3.5 Block Diagram
11
5.1 Modules
26
26
31
31
34
35
REFERENCES
78
SNAP SHOTS
12
LIST OF FIGURES
4
System Design
5.2
5.2
5.2
13
LIST OF ABBREVATIONS
Internet Protocol.
HTTP
14
CHAPTER 1
INTRODUCTION
Aim:
The main aim of this project is to increase the performance of cloud based on
Attribute Based Solution concepts and to provide additional security for cloud using
ASBE.
Synopsis:
Cloud computing has emerged as one of the most influential paradigms in the IT
industry in recent years. Since this new computing technology requires users to entrust
their valuable data to cloud providers, there have been increasing security and privacy
concerns on outsourced data. Several schemes employing attribute-based encryption
(ABE) have been proposed for access control of outsourced data in cloud computing;
however, most of them suffer from inflexibility in implementing complex access control
policies. In order to realize scalable, flexible, and fine-grained access control of
outsourced data in cloud computing, in this paper, we propose hierarchical attribute-setbased encryption (HASBE) by extending cipher text-policy attribute-set-based encryption
(ASBE) with a hierarchical structure of users. The proposed scheme not only achieves
scalability due to its hierarchical structure, but also inherits flexibility and fine-grained
access control in supporting compound attributes of ASBE.
In addition, HASBE employs multiple value assignments for access expiration
time to deal with user revocation more efficiently than existing schemes. We formally
prove the security of HASBE based on security of the cipher text-policy attribute-based
encryption (CP-ABE) scheme by Bethencourt et al. and analyse its performance and
15
computational complexity. We implement our scheme and show that it is both efficient
and flexible in dealing with access control for outsourced data in cloud computing with
comprehensive experiments.
CHAPTER 2
SYSTEM ANALYSIS
16
CHAPTER 3
REQUIREMENT SPECIFICATIONS
3.1 INTRODUCTION
The requirements specification is a technical specification of requirements for
the software products. It is the first step in the requirements analysis process it lists the
requirements of a particular software system including functional, performance and
security requirements. The requirements also provide usage scenarios from a user, an
operational and an administrative perspective. The purpose of software requirements
specification is to provide a detailed overview of the software project, its parameters and
goals. This describes the project target audience and its user interface, hardware and
software requirements. It defines how the client, team and audience see the project and its
functionality.
17
RAM
Processor
Windows XP
Xampp
JDK 1.6
Servlet, Jsp
MySql 3.2
consumer electronics industry. The language that the team created was originally called
Oak.
The first implementation of Oak was in a PDA-type device called Star Seven (*7)
that consisted of the Oak language, an operating system called GreenOS, a user interface,
and hardware. The name *7 was derived from the telephone sequence that was used in
the team's office and that was dialed in order to answer any ringing telephone from any
other phone in the office.
Around the time the First Person project was floundering in consumer
electronics, a new craze was gaining momentum in America; the craze was called "Web
surfing." The World Wide Web, a name applied to the Internet's millions of linked HTML
documents was suddenly becoming popular for use by the masses. The reason for this
was the introduction of a graphical Web browser called Mosaic, developed by ncSA. The
browser simplified Web browsing by combining text and graphics into a single interface
to eliminate the need for users to learn many confusing UNIX and DOS commands.
Navigating around the Web was much easier using Mosaic.
It has only been since 1994 that Oak technology has been applied to the Web.
In 1994, two Sun developers created the first version of Hot Java, and then called Web
Runner, which is a graphical browser for the Web that exists today. The browser was
coded entirely in the Oak language, by this time called Java. Soon after, the Java
compiler was rewritten in the Java language from its original C code, thus proving that
Java could be used effectively as an application language. Sun introduced Java in May
1995 at the Sun World 95 convention.
19
name of main, which will sound familiar to C programmers. The main method is passed
as a parameter an array of strings (similar to the argv[] of C), and is declared as a static
method.
To output text from the program, we execute the println method of System.out,
which is javas output stream. UNIX users will appreciate the thoery behind such a
stream, as it is actually standard output. For those who are instead used to the Wintel
platform, it will write the string passed to it to the users program.
Java consists of two things :
20
Programming language
Platform
Simple
Object-oriented
Distributed
Interpreted
Robust
Secure
Architecture-neutral
Portable
High-performance
Multithreaded
Dynamic
21
The code and can bring about changes whenever felt necessary. Some of the standard
needed to achieve the above-mentioned objectives are as follows:
Java is unusual in that each Java program is both co implied and interpreted. With a
compiler, you translate a Java program into an intermediate language called Java byte
codes the platform independent codes interpreted by the Java interpreter. With an
interpreter, each Java byte code instruction is parsed and run on the computer.
Compilation happens just once; interpretation occurs each time the program is executed.
This figure illustrates how it works:
Fig.3.1
You can think of Java byte codes as the machine code instructions for the Java
Virtual Machine (JVM). Every Java interpreter, whether its a Java development tool
or a Web browser that can run Java applets, is an implementation of JVM. That JVM can
also be implemented in hardware. Java byte codes help make write once, run anywhere
possible.
22
You can compile your Java program into byte codes on any platform that has a Java
compiler. The byte codes can then be run on any implementation of the JVm. For
example, that same Java program can e run on Windows NT, Solaris and Macintos
Java program
interpreter
complier
interpreter
23
interpreter
PC-Compatible
macintosh
Power
Windows NT
System 8
24
Youve already been introduced to the JVM. Its the base for the Java platform
and is ported onto various hardware-based platforms.
The Java API is a large collection of ready-made software components that
provide many useful capabilities, such as graphical user interface (GUI) widgets. The
Java API is grouped into libraries (packages) of related components. The following
figure depicts a Java program, such as an application or applet, thats running on the Java
platform. As the figure shows, the Java API and Virtual Machine insulates the Java
program from hardware dependencies.
Fig.3.3
As a platform-independent environment, Java can be a bit slower than native
code. However, smart compliers, weel-tuned interpreters, and just-in-time byte complilers
can bring Javas performance close to that of native code without threatening protability.
25
Introduction TO JSP
Java Server Pages or JSP for short is Sun's solution for developing dynamic web
sites. JSP provide excellent server side scripting support for creating database driven web
applications. JSP enable the developers to directly insert java code into jsp file, this
makes the development process very simple and its maintenance also becomes very easy.
JSP pages are efficient, it loads into the web servers memory on receiving the request
very first time and the subsequent calls are served within a very short period of time.
In today's environment most web sites servers dynamic pages based on user
request. Database is very convenient way to store the data of users and other things.
JDBC provide excellent database connectivity in heterogeneous database environment.
Using JSP and JDBC its very easy to develop database driven web application.
26
Java is known for its characteristic of "write once, run anywhere." JSP pages are
platform independent. Your port your .jsp pages to any platform.
Directives are used to control how the Web container translates and executes the
JSP page.
Scripting elements are inserted into the JSP page's servlet class. See JSP Scripting
Elements for details.
Elements of the form <jsp:XXX ... /> are converted into method calls to JavaBeans
components or invocations of the Java Servlet API.
For a JSP page named pageName, the source for a JSP page's servlet is kept in the file
J2EE_HOME/repository/host/web/
context_root/_0002fpageName_jsp.java
27
For example, the source for the index page (named index.jsp) for
the date localization example discussed at the beginning of the chapter would be named
J2EE_HOME/repository/host/web/date/_0002findex_jsp.java
Both the translation and compilation phases can yield errors that are only
observed when the page is requested for the first time. If an error occurs while the page is
being translated (for example, if the translator encounters a malformed JSP element), the
server will return a ParseException, and the servlet class source file will be empty or
incomplete. The last incomplete line will give a pointer to the incorrect JSP element.
If an error occurs while the JSP page is being compiled (for example, there is a syntax
error in a scriptlet), the server will return a JasperException and a message that
includes the name of the JSP page's servlet and the line where the error occurred.
Once the page has been translated and compiled, the JSP page's servlet for the most part
follows the servlet life cycle described in the section Servlet Life Cycle:
1. If an instance of the JSP page's servlet does not exist, the container:
a. Loads the JSP page's servlet class
b. Instantiates an instance of the servlet class
c. Initializes the servlet instance by calling the jspInit method
2. Invokes the _jspService method, passing a request and response object.
If the container needs to remove the JSP page's servlet, it calls the jspDestroy method.
28
Execution
You can control various JSP page execution parameters using by page directives. The
directives that pertain to buffering output and handling errors are discussed here. Other
directives are covered in the context of specific page authoring tasks throughout the
chapter.
Buffering
When a JSP page is executed, output written to the response object is automatically
buffered. You can set the size of the buffer with the following page directive:
<%@ page buffer="none|xxxkb" %>
A larger buffer allows more content to be written before anything is actually sent back to
the client, thus providing the JSP page with more time to set appropriate status codes and
headers or to forward to another Web resource. A smaller buffer decreases server memory
load and allows the client to start receiving data more quickly.
Handling Errors
Any number of exceptions can arise when a JSP page is executed. To specify that the
Web container should forward control to an error page if an exception occurs, include the
following page directive at the beginning of your JSP page:
<%@ page errorPage="file_name" %>
The Duke's Bookstore application page initdestroy.jsp contains the directive
<%@ page errorPage="errorpage.jsp"%>
The beginning of errorpage.jsp indicates that it is serving as an error page with the
following page directive:
29
The MySQL development project has made its source code available under the
terms of the GNU General Public License, as well as under a variety of proprietary
agreements. MySQL was owned and sponsored by a single for-profit firm, the Swedish
company MySQL AB, now owned by Oracle Corporation.
30
MySQL is written in C and C++. Its SQL parser is written in yacc, and a homebrewed lexical analyzer named sql_lex.cc.MySQL works on many different system
platforms, including AIX, BSDi, FreeBSD, HP-UX, eComStation, i5/OS, IRIX, Linux,
Mac OS X, Microsoft Windows, NetBSD.
Many programming languages with language-specific APIs include libraries for
accessing MySQL databases. These include MySQL Connector/Net for integration with
Microsoft's Visual Studio (languages such as C# and VB are most commonly used) and
the ODBC driver for Java. In addition, an ODBC interface called MyODBC allows
additional programming languages that support the ODBC interface to communicate with
a MySQL database, such as ASP or ColdFusion. The HTSQL - URL based query method
also ships with a MySQL adapter, allowing direct interaction between a MySQL database
and any web client via structured URLs. The MySQL server and official libraries are
mostly implemented in ANSI C/ANSI C++.
MySQL is primarily an RDBMS and therefore ships with no GUI tools to
administer MySQL databases or manage data contained within. Users may use the
included command-line tools, or download MySQL frontends from various parties that
have developed desktop software and web applications to manage MySQL databases,
build database structure, and work with data records.
MySQL can be built and installed manually from source code, but this can be
tedious so it is more commonly installed from a binary package unless special
customizations are required. On most Linux distributions the package management
system can download and install MySQL with minimal effort, though further
configuration is often required to adjust security and optimization settings.Though
MySQL began as a low-end alternative to more powerful proprietary databases, it has
gradually evolved to support higher-scale needs as well.
It is still most commonly used in small to medium scale single-server
deployments, either as a component in a LAMP based web application or as a standalone
database server. Much of MySQL's appeal originates in its relative simplicity and ease of
use, which is enabled by an ecosystem of open source tools such as phpMyAdmin.
31
Uses
MySQL is a popular choice of database for use in web applications, and is a
central component of the widely used LAMP web application software stackLAMP is
an acronym for "Linux, Apache, MySQL, PHP". Its popularity is closely tied to the
popularity of PHP. MySQL is used in some of the most frequently visited web sites on the
Internet, including Flickr, Nokia.com, YouTube and as previously mentioned; Wikipedia,
Google and Facebook.
Introduction to Servlet
A servlet is a Java programming language class used to extend the capabilities of
servers that host applications accessed via a request-response programming model.
Although servlets can respond to any type of request, they are commonly used to extend
the applications hosted by Web servers. Thus, it can be thought of as a Java Applet that
runs on a server instead of a browser.
A Servlet is a Java class in Java EE that conforms to the Java Servlet API, a
protocol by which a Java class may respond to requests. They are not tied to a specific
client-server protocol, but are most often used with the HTTP protocol. Therefore, the
word "Servlet" is often used in the meaning of "HTTP Servlet".Thus, a software
developer may use a servlet to add dynamic content to a Web server using the Java
platform. The generated content is commonly HTML, but may be other data such
as XML. Servlets are the Java counterpart to non-Java dynamic Web content technologies
such as CGI and ASP.NET. Servlets can maintain state in session variables across many
server transactions by using HTTP cookies, or URL rewriting.
To deploy and run a Servlet, a Web container must be used. A Web container is
essentially the component of a Web server that interacts with the servlets. The Web
32
Introduction
At the beginning it is important to answer why to choose XAMPP among so
many server packages available? Well, there are two strong advantages of it. First - it's
configuration is so easy, that even a child can do it. It particularly is minimized to unzip
archive and run setup batch. Second - XAMPP is extremely portable! Moving it from one
directory or drive to another requires only one run of setup_xampp.bat. You can even
install it on USB stick and have your private web server along with your apps go
anywhere with you and to be available on any computer; you plug your USB stick to!
As I read other Wiki articles on how many problems people have with installing and
configuring other servers or server pack I think it can be simplier than with XAMPP.
Differences betweens setup version (EXE) and setup-less version (ZIP) are at least
questionable (half the size for the first one) and I still can't figure out how do the achieve
it? :) But for this tutorial and for advantages of portability we will use ZIP version.
Installing XAMPP
Well... there is actually no installation. Just unzip archive grabbed from Apache
Friends website to a directory of your choice, execute setup_xampp.bat inside unzipped
folder once and answer to a few simple questions (including one, if you want to make
XAMPP portable - i.e. put on a USB stick).
After that, execute xampp_control.exe to run any web server component (like Apache,
MySQL) you need or to install it as system service. If you pass this step, you can open
your browser and point it to localhost to see XAMPP welcome page, which consist of
some modules for checking / granting security to your webapps run under this server. If
everything is double checked and all issues all solved, you may delete contents of httpd
subfolder in you XAMPP directory.
34
Installing Yii
I assume that you've already grabbed zip file containing newest edition of
Yii. If you are already familiar with Yii, you may obey demos folder, but it might be wise
to run at least once a requirements to see, if your fresh XAMPP installation satisfy all
yours and Yii's needs? For this purpose, copy contents of archive to httpd subfolder in
you XAMPP directory and go to localhost in your web browser.
If everything is fine, you may move Yii outside web accessible directory, as
it is advised in documentation, and update bootstrap index.php file in your webapps to
point to correct file. In my situation I put contents of an archive in the same directory as
httpd subfolder (i.e. main XAMPP folder) and rename framework directory to yii.
Therefore my bootstrap file looks like this:
COMPANIES:Using an eyeOS solution for your company can provide you lots of benefits. From
porting your existent apps to your new system to provide you a quality support, you will
be able to choose between the best services to provide your company the perfect solution.
PUBLIC:For public environments, eyeOS can provide a system where, once a user has
signed up, he/she can access the network from any of the public points, having his/her
personal desktop and files. A single eyeOS Server can handle hundreds of thousands of
users! You can visit public environment
signing up a free account with third-party cloud OS often means that you have limited
file storage space and all your data are stored in other peoples server. Next, the
connection speed is dependent on the number of active users at any time. The more
popular the site is, the slower it will get when you are using it.
If what you want is your own dedicated Web OS that you can use to manage your online
stuff, and also to provide an environment to collaborate with your colleagues/partners,
then eyeOS is the software for you.
EyeOS is free and open source cloud OS software that you can install on your own Web
server.
One thing that I like about eyeOS is its small file size and ease of installation. The whole
package is only 2.5MB in size, and the installation required almost zero configuration
(well, there are still several steps involved) and anyone who know how to use a FTP
program can get it up and running in no time.
1. Introduction
1.1 Purpose
This project is to avoid the malpractice and give security for datas based on
Hierarchical Attribute Based Encryption.
Project Scope
Cloud computing has emerged as one of the most influential paradigms in the IT
industry in recent years. Since this new computing technology requires users to entrust
their valuable data to cloud providers, there have been increasing security and privacy
concerns on outsourced data. Several schemes employing attribute-based encryption
(ABE) have been proposed for access control of outsourced data in cloud computing;
36
however, most of them suffer from inflexibility in implementing complex access control
policies. In order to realize scalable, flexible, and fine-grained access control of
outsourced data in cloud computing, in this paper, we propose hierarchical attribute-setbased encryption (HASBE) by extending cipher text-policy attribute-set-based encryption
(ASBE) with a hierarchical structure of users. The proposed scheme not only achieves
scalability due to its hierarchical structure, but also inherits flexibility and fine-grained
access control in supporting compound attributes of ASBE. In addition, HASBE employs
multiple value assignments for access expiration time to deal with user revocation more
efficiently than existing schemes. We formally prove the security of HASBE based on
security of the cipher text-policy attribute-based encryption (CP-ABE) scheme by
Bethencourt et al. and analyse its performance and computational complexity. We
implement our scheme and show that it is both efficient and flexible in dealing with
access control for outsourced data in cloud computing with comprehensive experiments.
2.
Overall Description
2.1Product Perspective
Cloud users store the datas and retrieve the datas from cloud server. Domain
Authority and Trusted Authority monitor data owner and data consumer and secure the
datas. User depend upon his privileges retrieve the datas.
2.3
37
There are two main areas that are related to our proposal in this paper:
1) DomainAuthority: Responsible for find the user attributes to give privileges for
users.
2) TrustedAuthority: Responsible for encrypting the datas and give approval for
data consumers.
38
First of all, such a solution requires an efficient key management mechanism to distribute
decryption keys to authorized users, which has been proven to be very difficult. Next, this
approach lacks scalability and flexibility; as the number of authorized users becomes
large, the solution will not be efficient anymore. In case a previously legitimate user
needs to be revoked, related data has to be re-encrypted and new keys must be distributed
to existing legitimate users again. Last but not least, data owners need to be online all the
time so as to encrypt or re-encrypt data and distribute keys to authorize users.
3. System Features
We extend ASBE with a hierarchical structure to effectively delegate the trusted
authoritys private attribute key generation operation to lower-level domain authorities.
By doing so, the workload of the trusted root authority is shifted to lower-level domain
authorities, which can provide attribute key generations for end users. Thus, this
hierarchical structure achieves great scalability. Yu et al.s scheme, however, only has one
authority to deal with key generation, which is not scalable for large-scale cloud
computing applications.
ISDN
39
4.3Software Interfaces
This software is interacted with the TCP/IP protocol, Socket and listening
on unused ports.
This software is also interacted with the SMTP protocol, sending and
receiving on SMTP protocol.
4.4Communication Interfaces
1. TCP/IP protocol.
2. SMTP
40
5.2Safety Requirements
1. The software may be safety-critical. If so, there are issues associated with its
integrity level
2. The software may not be safety-critical although it forms part of a safetycritical system. For example, software may simply log transactions.
3. If a system must be of a high integrity level and if the software is shown to be
of that integrity level, then the hardware must be at least of the same integrity
level.
4. There is little point in producing 'perfect' code in some language if hardware
and system software (in widest sense) are not reliable.
5. If a computer system is to run software of a high integrity level then that
system should not at the same time accommodate software of a lower integrity
level.
6. Systems with different requirements for safety levels must be separated.
7. Otherwise, the highest level of integrity required must be applied to all systems
in the same environment.
5.3Security Requirements
Do not block the some available ports through the windows firewall
41
ability
CHAPTER 4
Architecture:
42
Privileges
Attribute Based
Application
Owner File
Domain Authority
Consumer
File
Check
Trusted Authority
Approve
Cloud OS
Cloud Users
Fig: 4.1
4.1 Sequence Diagram:
43
44
45
Collaboration Diagram:
46
47
Installation
Xampp Server
Domain
Authority
Cloud OS
Second Level:
Attribute Based
Encryption
Cloud OS
Trusted
Authority
Key
Cloud Server
48
Third Level:
Data
Owner
Trusted
Authority
Cloud OS
Data
Consumer
Cloud
Server
49
Class Diagram
50
CHAPTER 5
SYSTEM DESIGN
5.1 MODULES
computing
has
computational
and
sociological
51
52
CHAPTER 6
CODING AND TESTING
6.1 CODING
Once the design aspect of the system is finalizes the system enters into the coding
and testing phase. The coding phase brings the actual system into action by converting
the design of the system into the code in a given programming language. Therefore, a
good coding style has to be taken whenever changes are required it easily screwed into
the system.
6.2 CODING STANDARDS
Coding standards are guidelines to programming that focuses on the physical
structure and appearance of the program. They make the code easier to read, understand
and maintain. This phase of the system actually implements the blueprint developed
during the design phase. The coding specification should be in such a way that any
programmer must be able to understand the code and can bring about changes whenever
felt necessary. Some of the standard needed to achieve the above-mentioned objectives
are as follows:
Program should be simple, clear and easy to understand.
Naming conventions
Value conventions
Script and comment procedure
Message box format
53
54
55
56
Structure Test
57
58
A successful test is one that uncovers an as-yet- undiscovered error. System testing is the
stage of implementation, which is aimed at ensuring that the system works accurately and
efficiently as expected before live operation commences. It verifies that the whole set of
programs hang together. System testing requires a test consists of several key activities
and steps for run program, string, system and is important in adopting a successful new
system. This is the last chance to detect and correct errors before the system is installed
for user acceptance testing.
The software testing process commences once the program is created and the
documentation and related data structures are designed. Software testing is essential for
correcting errors. Otherwise the program or the project is not said to be complete.
Software testing is the critical element of software quality assurance and represents the
ultimate the review of specification design and coding. Testing is the process of executing
the program with the intent of finding the error. A good test case design is one that as a
probability of finding an yet undiscovered error. A successful test is one that uncovers an
yet undiscovered error. Any engineering product can be tested in one of the two ways:
6.5.1.1 WHITE BOX TESTING
This testing is also called as Glass box testing. In this testing, by knowing
the specific functions that a product has been design to perform test can be conducted that
demonstrate each function is fully operational at the same time searching for errors in
each function. It is a test case design method that uses the control structure of the
procedural design to derive test cases. Basis path testing is a white box testing.
Basis path testing:
59
Equivalence partitioning
Comparison testing
60
Testing begins at the module level and works outward toward the
integration of the entire computer based system.
Different testing techniques are appropriate at different points in time.
The developer of the software and an independent test group conducts
testing.
Testing and Debugging are different activities but debugging must be
accommodated in any testing strategy.
6.5.2.1 INTEGRATION TESTING:
Integration testing is a systematic technique for constructing the program
structure while at the same time conducting tests to uncover errors associated with.
Individual modules, which are highly prone to interface errors, should not be assumed to
work instantly when we put them together. The problem of course, is putting them
together- interfacing. There may be the chances of data lost across on anothers sub
functions, when combined may not produce the desired major function; individually
acceptable impression may be magnified to unacceptable levels; global data structures
can present problems.
6.5.2.2 PROGRAM TESTING:
The logical and syntax errors have been pointed out by program testing.
A syntax error is an error in a program statement that in violates one or more rules of the
language in which it is written. An improperly defined field dimension or omitted
keywords are common syntax error. These errors are shown through error messages
generated by the computer. A logic error on the other hand deals with the incorrect data
fields, out-off-range items and invalid combinations. Since the compiler s will not deduct
61
logical error, the programmer must examine the output. Condition testing exercises the
logical conditions contained in a module. The possible types of elements in a condition
include a Boolean operator, Boolean variable, a pair of Boolean parentheses A relational
operator or on arithmetic expression. Condition testing method focuses on testing each
condition in the program the purpose of condition test is to deduct not only errors in the
condition of a program but also other a errors in the program.
6.5.2.3 SECURITY TESTING:
Security testing attempts to verify the protection mechanisms built in to a system
well, in fact, protect it from improper penetration. The system security must be tested for
invulnerability from frontal attack must also be tested for invulnerability from rear attack.
During security, the tester places the role of individual who desires to penetrate system.
6.5.2.4 VALIDATION TESTING
At the culmination of integration testing, software is completely assembled as a
package. Interfacing errors have been uncovered and corrected and a final series of
software test-validation testing begins. Validation testing can be defined in many ways,
but a simple definition is that validation succeeds when the software functions in manner
that is reasonably expected by the customer. Software validation is achieved through a
series of black box tests that demonstrate conformity with requirement. After validation
test has been conducted, one of two conditions exists.
* The function or performance characteristics confirm to specifications and are accepted.
* A validation from specification is uncovered and a deficiency created.
62
Source Code
63
Screenshots:
64
REFERENCES
[1] R. Buyya, C. ShinYeo, J. Broberg, and I. Brandic, Cloud computing and emerging it
platforms: Vision, hype, and reality for delivering computing as the 5th utility, Future
Generation Comput. Syst., vol. 25, pp. 599616, 2009.
[2]
Amazon
Elastic
Compute
Cloud
(Amazon
EC2)
[Online].
Available:
http://aws.amazon.com/ec2/
[3] Amazon Web Services (AWS) [Online]. Available: https://s3.amazonaws. com/
65
[4] R. Martin, IBM brings cloud computing to earth with massive new data centers,
InformationWeek
Aug.
2008
[Online].
Available:
http://
www.informationweek.com/news/hardware/data_centers/209901523
[5] Google App Engine [Online]. Available: http://code.google.com/appengine/
[6] K. Barlow and J. Lane, Like technology from an advanced alien culture: Google
apps for education at ASU, in Proc. ACM SIGUCCS User Services Conf., Orlando, FL,
2007.
[7] B. Barbara, Salesforce.com: Raising the level of networking, Inf. Today, vol. 27, pp.
4545, 2010.
[8] J. Bell, Hosting EnterpriseData in the CloudPart 9: InvestmentValue Zetta, Tech.
Rep., 2010.
[9] A. Ross, Technical perspective: A chilly sense of security, Commun. ACM, vol. 52,
pp. 9090, 2009.
[10] D. E. Bell and L. J. LaPadula, Secure Computer Systems: Unified Exposition and
Multics Interpretation the MITRE Corporation, Tech. Rep., 1976.
[11] K. J. Biba, Integrity Considerations for Secure Computer Sytems The MITRE
Corporation, Tech. Rep., 1977.
[12] H. Harney, A. Colgrove, and P. D. McDaniel, Principles of policy in secure
groups, in Proc. NDSS, San Diego, CA, 2001.
66
67