1. INTRODUCTION
1.1 PROJECT OVERVIEW
With data storage and sharing services (such as Dropbox and Google Drive) provided by the
cloud, people can easily work together as a group by sharing data with each other. More specifically,
once a user creates shared data in the cloud, every user in the group is able to not only access and
modify shared data, but also share the latest version of the shared data with the rest of the group.
Although cloud providers promise a more secure and reliable environment to the users, the integrity of
data in the cloud may still be compromised, due to the existence of hardware/software failures and
human errors. To protect the integrity of data in the cloud, a number of mechanisms have been proposed.
In these mechanisms, a signature is attached to each block in data, and the integrity of data
relies on the correctness of all the signatures. One of the most significant and common features of these
mechanisms is to allow a public verifier to efficiently check data integrity in the cloud without
downloading the entire data, referred to as public auditing (or denoted as Provable Data Possession).
This public verifier could be a client who would like to utilize cloud data for particular purposes (e.g.,
search, computation, data mining, etc.) or a third party auditor (TPA) who is able to provide verification
services on data integrity to users. Most of the previous works focus on auditing the integrity of personal
data. Different from these works, several recent works focus on how to preserve identity privacy from
public verifiers when auditing the integrity of shared data. Unfortunately, none of the above
mechanisms considers the efficiency of user revocation when auditing the correctness of shared data in
the cloud. With shared data, once a user modifies a block, she also needs to compute a new signature for
the modified block. Due to the modifications from different users, different blocks are signed by
different users. For security reasons, when a user leaves the group or misbehaves, this user must be
revoked from the group.
PUBLIC AUDITING FOR SHARED DATA WITH EFFICIENT USER REVOCATION IN THE CLOUD
2. PROBLEM DEFINITION
2.1 EXISTING SYSTEM
In existing mechanisms, a signature is attached to each block in data, and the integrity of data
relies on the correctness of all the signatures. One of the most significant and common features of these
mechanisms is to allow a public verifier to efficiently check data integrity in the cloud without
downloading the entire data, referred to as public auditing (or denoted as Provable Data Possession).
This public verifier could be a client who would like to utilize cloud data for particular purposes
(e.g., search, computation, data mining, etc.) or a third-party auditor (TPA) who is able to provide
verification services on data integrity to users. Most of the previous works focus on auditing the
integrity of personal data. Different from these works, several recent works focus on how to preserve
identity privacy from public verifiers when auditing the integrity of shared data. Unfortunately, none of
the above mechanisms considers the efficiency of user revocation when auditing the correctness of
shared data in the cloud. With shared data, once a user modifies a block, she also needs to compute a
new signature for the modified block. Due to the modifications from different users, different blocks are
signed by different users. When a user leaves the group or misbehaves, this user must be revoked from
the group. As a result, this revoked user should no longer be able to access and modify shared data,
and the signatures generated by this revoked user are no longer valid to the group. Therefore,
although the content of shared data is not changed during user revocation, the blocks which were
previously signed by the revoked user still need to be re-signed by an existing user in the group.
DISADVANTAGES
When the number of re-signed blocks is quite large or the membership of the group changes frequently,
this straightforward method may cost the existing user a huge amount of communication and
computation resources.
ADVANTAGES
This mechanism can significantly improve the efficiency of user revocation.
Software Requirements
Operating System : Windows 7
IDE :
Coding Language : C#.Net
Database :
Hardware Requirements
Processor : Pentium IV
Speed : 2.4 GHz
RAM : 1 GB
Hard disk : 80 GB
4. LITERATURE SURVEY
MRITS Department of Computer Science & Engineering
A literature survey is the most important step in the software development process. Before
developing the tool it is necessary to determine the time factor, economy and company strength. Once
these things are satisfied, the next steps are to determine which operating system and language can be
used for developing the tool. Once the programmers start building the tool, they need a lot of external
support. This support can be obtained from senior programmers, from books or from websites. Before
building the system, the above considerations are taken into account for developing the proposed
system.
5. FEASIBILITY STUDY
The feasibility of the project is analyzed in this phase, and a business proposal is put forth with
a very general plan for the project and some cost estimates. During system analysis the feasibility study
of the proposed system is to be carried out. This is to ensure that the proposed system is not a burden to
the company. For feasibility analysis, some understanding of the major requirements for the system is
essential.
Three key considerations involved in the feasibility analysis are
Technical Feasibility
Economical Feasibility
Operational Feasibility
worthwhile to proceed with the entire project or whether the benefits obtained from the new system are
not worth the costs. Financial benefits must equal or exceed the costs. In this issue, we should
consider:
The cost to conduct a full system investigation.
The cost of hardware and software for the class of application being considered.
The development tool.
The cost of maintenance, etc.
Our project is economically feasible because the cost of development is very minimal when
compared to the financial benefits of the application.
6. SYSTEM DESIGN
Visualization
Specification
Construction
Documentation
Structural things
Behavioural things
Grouping things
Annotational things
These things are the basic object oriented building blocks of UML. They are used to write well-formed
models.
Dependency
Association
Generalization
Realization
1. Dependency
This is a relationship between two classes in which one class is completely dependent on the
other class. Graphically it is represented by a dashed line with an arrow pointing to the class that is
being depended on.
2. Association
It is a relationship between instances of two classes. If there is an association between two
classes, then an instance of one class must know about the other in order to perform its work. In a
diagram, an association is a link connecting two classes. Graphically it is represented by a line as shown
below:
3. Generalization
A generalization is an inheritance link indicating that one class is a superclass of another. A
generalization has a triangle pointing to the superclass. Graphically it is represented by a line with a
triangle at the end, as shown.
4. Realization
It denotes the implementation of the functionality defined in one class by another class. To
show this relationship in UML, a dashed line with an unfilled arrowhead is drawn from the class
that defines the functionality to the class that implements the function.
UML Diagrams
Diagrams play a very important role in UML. There are nine kinds of modeling diagrams, as
follows:
1.
2.
3.
4.
5.
6.
7.
A use case diagram is a graphic depiction of the interactions among the elements of a system. A use
case is a methodology used in system analysis to identify, clarify, and organize system requirements.
This is the use case diagram for a group member, covering registration, login, files, revoke, view profile
and logout.
Class diagrams describe the static structure of a system, or how it is declared rather than how
it behaves. These diagrams contain classes and associations.
A sequence diagram is an interaction diagram that details how operations are carried out: what messages
are sent and when. Sequence diagrams are organized according to time. The time progresses as you go
down the page.
Activity diagrams render the activities of a class participating in behavior. These diagrams describe the
behavior of a class in response to internal processing rather than external events. Activity diagrams
describe the processing activities within a class.
The 3-tier architecture is most commonly used to build web applications. In this model, the
browser acts as the client, middleware or an application server contains the business logic, and database
servers handle data functions. This approach separates business logic from display and data. The three
layers are commonly known as the Presentation Layer (PL/UI), Business Logic Layer (BLL) and Data
Access Layer (DAL).
Analysis Model
The model being followed is the WATERFALL MODEL, which states that the phases are organized
in a linear order. First of all, the feasibility study is done. Once that part is over, the requirement
analysis and project planning begin. If a system already exists and modification or addition of a new
module is needed, analysis of the present system can be used as the basic model.
The design starts after the requirement analysis is complete, and the coding begins after the design is
complete. Once the programming is completed, the testing is done. In this model the sequence of
activities performed in a software development project is: Requirement Analysis, Project Planning,
System Design, Detail Design, Coding, Unit Testing, System Integration & Testing.
Here the linear ordering of these activities is critical. The output of one phase is the input of the next
phase. The output of each phase is to be consistent with the overall requirement of the
system. Some of the qualities of the spiral model are also incorporated, such as a review of the work
done by the people concerned with the project on completion of each phase.
The WATERFALL MODEL was chosen because all requirements were known beforehand and the
objective of our software development is the computerization/automation of an already existing manual
working system.
7. SYSTEM ENVIRONMENT
Microsoft.NET Framework
The .NET Framework is a new computing platform that simplifies application development
in the highly distributed environment of the Internet. The .NET Framework is designed to fulfill the
following objectives:
To provide a code-execution environment that guarantees safe execution of code, including code
created by an unknown or semi-trusted third party.
To make the developer experience consistent across widely varying types of applications, such as
Windows-based applications and Web-based applications.
To build all communication on industry standards to ensure that code based on the .NET
Framework can integrate with any other code.
The .NET Framework has two main components: the common language runtime and the .NET
Framework class library. The common language runtime is the foundation of the .NET Framework. In
fact, the concept of code management is a fundamental principle of the runtime. Code that targets the
runtime is known as managed code, while code that does not target the runtime is known as unmanaged
code. The class library, the other main component of the .NET Framework, is a comprehensive,
object-oriented collection of reusable types that you can use to develop applications ranging from
traditional command-line or graphical user interface (GUI) applications to applications based on the
latest innovations provided by ASP.NET, such as Web Forms and XML Web services.
that can exploit both managed and unmanaged features. The .NET Framework not only provides several
runtime hosts, but also supports the development of third-party runtime hosts.
C#.NET
ACTIVE X DATA OBJECTS.NET
ADO.NET Overview
ADO.NET is an evolution of the ADO data access model that directly addresses user
requirements for developing scalable applications. It was designed specifically for the web with
scalability, statelessness, and XML in mind.
ADO.NET uses some ADO objects, such as the Connection and Command objects, and also introduces
new objects. Key new ADO.NET objects include the DataSet, DataReader, and DataAdapter.
The important distinction between this evolved stage of ADO.NET and previous data architectures is
that there exists an object -- the DataSet -- that is separate and distinct from any data stores. Because of
that, the DataSet functions as a standalone entity. You can think of the DataSet as an always
disconnected recordset that knows nothing about the source or destination of the data it contains. Inside
a DataSet, much like in a database, there are tables, columns, relationships, constraints, views, and so
forth.
A DataAdapter is the object that connects to the database to fill the DataSet. Then, it connects back to
the database to update the data there, based on operations performed while the DataSet held the data.
The OLE DB and SQL Server .NET Data Providers (System.Data.OleDb and System.Data.SqlClient)
that are part of the .Net Framework provide four basic objects: the Command, Connection,
DataReader and DataAdapter. In the remaining sections of this document, we'll walk through each
part of the DataSet and the OLE DB/SQL Server .NET Data Providers explaining what they are, and
how to program against them.
The following sections will introduce you to some objects that have evolved, and some that are new.
These objects are:
Connections: for connecting to and managing transactions against a database.
Commands: for issuing SQL commands against a database.
DataReaders: for reading a forward-only stream of data records from a SQL Server data source.
DataSets: for storing, remoting and programming against flat data, XML data and relational data.
DataAdapters: for pushing data into a DataSet, and reconciling data against a database.
When dealing with connections to a database, there are two different options: SQL Server .NET Data
Provider (System.Data.SqlClient) and OLE DB .NET Data Provider (System.Data.OleDb). In these
samples we will use the SQL Server .NET Data Provider. These are written to talk directly to Microsoft
SQL Server. The OLE DB .NET Data Provider is used to talk to any OLE DB provider (as it uses OLE
DB underneath).
ASP.NET
ASP.NET Introduction
ASP.NET is a server-side technology for creating dynamic web pages. This technology
basically uses scripting interspersed within HTML to generate information on the fly. The ASP
technology makes the web server active. The Web server does not merely act as a storehouse of Web
pages, but actually creates HTML pages after the client has requested them. This implies that
ASP pages can not only display content that changes over time, but also retrieve information from
databases and other servers such as mail servers connected to the Web server at runtime (while a client
is waiting for a response) and display current information to the client.
The prime advantage of this technology is that Web sites do not have to be updated constantly and
clients always have access to the current information. Of course, performance is affected, as the ASP
pages are parsed every time a client makes a request for them.
A Passive Web Server stores static Web Pages
An active Web Server generates dynamic Web Pages
Need for ASP.NET:
The main reasons that led to the development of ASP.NET can be briefly described as follows:
Language Independence
Support for programming
Support for Separation of Code and Content
Simplified Development
Client Platform Independence
features to your page. Both the HTML and the script are together in the same file, and the script is
downloaded as part of the page, which anyone can view.
Server-Side Scripting
ASP.NET is purely server-side technology. ASP.NET code executes on the server before it is
sent to the browser. The code that is sent back to the browser is pure HTML and not ASP.NET code.
Like client-side scripting, ASP.NET code is similar in a way that it allows you to write your code
alongside HTML. Unlike client-side scripting, ASP.NET code is executed on the server and not in the
browser.
Web Controls
ASP+ provides an upgraded set of controls known as Web controls that provide a consistent
model.
These controls are ultimately rendered as HTML on the client-side but have the added
Intrinsic Controls
List Controls
Rich Controls
Validation Controls
Intrinsic Controls
These controls map to simple HTML elements when rendered on the client side. They can be of two
types, one of which is HTML elements that execute on the server side; ASP+ provides both types of
controls for flexibility.
List Controls
List controls are used to access and display data from data stores in a Web page.
ASP+ list controls can use server-side binding to automatically fill the lists with data. They can also
page the list, sort the contents, filter the list and select individual items.
They are of three types, Repeater, DataList and DataGrid.
ASP+ also provides two more types of list controls: RadioButtonList and CheckBoxList, but these are
specialized controls that are used in custom applications to display lists as radio buttons or check boxes.
Rich Controls
Rich controls are customized controls provided by ASP+ that provide high-level functionality
to developers. They include the Calendar control and the Ad Rotator control. Future releases of ASP+
are expected to provide controls such as Tree View, Image Generator, etc.
Validation Controls
Validation controls are used to check the data entered by users on both the client and the server side.
They can be used in place of scripts. While scripts are commonly used for this purpose, they have to be
written especially for each Web form. The use of controls removes the need to write such scripts and
makes development simpler and faster.
General Validation
Customized Validation
Validation Summary
Server Application Development
Server-side applications in the managed world are implemented through runtime hosts.
Unmanaged applications host the common language runtime, which allows your custom managed code
to control the behavior of the server. This model provides you with all the features of the common
language runtime and class library while gaining the performance and scalability of the host server.
Server-side managed code
ASP.NET is the hosting environment that enables developers to use the .NET Framework to
target Web-based applications. However, ASP.NET is more than just a runtime host; it is a complete
architecture for developing Web sites and Internet-distributed objects using managed code. Both Web
Forms and XML Web services use IIS and ASP.NET as the publishing mechanism for applications, and
both have a collection of supporting classes in the .NET Framework.
Active Server Pages.NET
ASP.NET is a programming framework built on the common language runtime that can be
used on a server to build powerful Web applications. ASP.NET offers several important advantages over
previous Web development models:
Enhanced Performance.
World-Class Tool Support
Power and Flexibility
Simplicity
Manageability
Scalability and Availability
Customizability and Extensibility
Security
Language Support
The Microsoft .NET Platform currently offers built-in support for three languages: C#, Visual
Basic, and JScript.
ASP.NET Authentication
Authentication is the process of obtaining identification credentials such as name and password
from a user and validating those credentials against some authority. Once an identity has been
authenticated, the authorization process determines whether that identity has access to a given resource.
ASP.NET supports the authentication providers described in the following table.
Unexpected Input
Any program connected to the Internet may draw the attention of attackers who will attempt to crash it
or use it as a tool to gain unauthorized access to a company's resources.
The following are the top three types of unexpected input that a programmer must consider when coding
software.
SQL Injection
With SQL, a user can easily connect to a database and make searches, updates, additions,
deletions, and so on. This threat applies to every database server that uses SQL (Oracle, MySQL,
PostgreSQL, etc.)
SQL attacks can be used to gain access to a computer's file system. In fact, with a vulnerable
Microsoft SQL Server system, an attacker could take advantage of a built-in SQL command to install a
backdoor and remotely control the computer, in which case the attacker would "own" all the data stored
on the server. This server could then be used to create a bridge for the attacker from the Internet to an
internal network. There are many other methods of abusing applications using SQL injection techniques.
Deleting whole databases, updating account permissions, bypassing identification checks, and even
installing Trojan horses and viruses can be accomplished under the right conditions.
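As an added example (not part of the original report or of the project's own code), the following Python snippet shows the difference the passage above turns on, using a constructed in-memory SQLite table: one login check splices the user's input into the SQL text, the other passes it through parameter placeholders. The table, the user name and the password are made up for the example; the same distinction applies to ADO.NET, where SqlCommand with SqlParameter objects plays the role of the placeholders.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory users table for the example (not the project's schema).

    The password is stored in clear only to keep the example short."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT NOT NULL)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, name: str, password: str) -> bool:
    """Identification check built by string concatenation.

    Whatever the user typed becomes part of the SQL text, so the database
    engine cannot tell the data apart from the query structure."""
    sql = ("SELECT COUNT(*) FROM users WHERE name = '" + name
           + "' AND password = '" + password + "'")
    return conn.execute(sql).fetchone()[0] > 0


def login_parameterized(conn: sqlite3.Connection, name: str, password: str) -> bool:
    """The same check with placeholders: the values travel separately from the
    SQL text and are only ever compared as data, never parsed as SQL."""
    sql = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (name, password)).fetchone()[0] > 0


def compare(name: str, password: str) -> dict:
    """Run both checks on the same input so the difference is visible."""
    conn = make_db()
    return {"vulnerable": login_vulnerable(conn, name, password),
            "parameterized": login_parameterized(conn, name, password)}


if __name__ == "__main__":
    print(compare("alice", "correct horse"))   # both True: the right password
    print(compare("alice", "x' OR '1'='1"))    # only the concatenated check says True
```

The second call is the review check worth keeping: a password value that contains quote characters must fail the identification check, and the concatenated version fails that test because the quotes change the meaning of the query.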
Prevention
Much of the responsibility for buffer overflow attacks falls solely at the programmer's feet. In
short, many programmers don't properly protect their variables from unexpected input. To prevent most
buffer overflows, if not all, a program only has to validate all data before it processes it. While this
means that the program will require more thought, code, and testing, it will help prevent buffer overflow
attacks.
Features of ASP.NET
Sessions
One of the challenges to developing a successful Web application is maintaining user
information over the course of a visit, or session, as the user moves from page to page in an
application. ASP.NET provides a solution for managing session information via the
System.Web.SessionState namespace.
Identifying a Session
The first time a user (or more aptly a client browser) requests an .aspx file within a given
application, ASP.NET assigns a SessionID that is used to uniquely identify and track each active browser
session.
Using a 120-bit string of URL-valid ASCII characters, SessionID values are dynamically generated
using a complex algorithm that guarantees uniqueness so that sessions do not collide, and randomness so
that a malicious user cannot use a new SessionID to calculate the identity of an existing session.
Lifetime of a Session
A session can begin in four ways:
A new session automatically starts whenever the server receives a request for an .aspx file in an
application that does not contain a valid SessionID cookie.
A user requests an .aspx file and the global.asax file for that application includes a Session_Start
event handler.
A user requests an .aspx file and the application's global.asax file uses the <object> tag to
instantiate an object with session scope.
A user stores a value in the Session object.
Session Variables
ASP.NET enables sharing of information across the pages of an application requested within the
same client session. This functionality is provided via the HttpSessionState class, which exposes a
dictionary of key=value pairs that can be used to store information that has to persist for the life of a
given session.
Storing Data in the Session object
To store a variable in the Session object, assign a value to a named entry in the Session object.
For example, the following C# statements store two new variables in the Session object:
    Session["FirstName"] = "Surbhi";
    Session["LastName"] = "Aggarwal";
To retrieve information from the Session object, access the named entry. You can store user preferences
in the Session object, and then access that preference to determine what page to return to the user.
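As an added example, not code from the report or from ASP.NET itself, the Python class below mirrors the session behaviour described in the sections above: a 120-bit SessionID made of URL-safe ASCII characters, a per-session dictionary of key/value pairs, and rejection of any request that does not carry a known SessionID. The idle timeout and the injectable clock are assumptions made for the example.

```python
import secrets
import time

SESSION_ID_BYTES = 15   # 15 bytes = 120 bits, the SessionID size described above


def new_session_id() -> str:
    """Return a fresh 120-bit SessionID made only of URL-safe ASCII characters."""
    # token_urlsafe base64url-encodes 15 random bytes: 20 characters from [A-Za-z0-9_-]
    return secrets.token_urlsafe(SESSION_ID_BYTES)


class SessionStore:
    """In-memory session state: SessionID -> dictionary of key/value pairs.

    A request carrying an unknown or expired SessionID is treated as having no
    valid session, so the caller starts a new one. The idle timeout and the
    clock parameter are assumptions made for this example."""

    def __init__(self, timeout_seconds: float = 20 * 60, clock=time.monotonic):
        self._sessions = {}          # sid -> [last_access_time, {key: value}]
        self._timeout = timeout_seconds
        self._clock = clock

    def start(self) -> str:
        """Begin a new session and return its SessionID."""
        sid = new_session_id()
        self._sessions[sid] = [self._clock(), {}]
        return sid

    def _data(self, sid: str):
        """Return the live dictionary for sid, or None if unknown or expired."""
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        if self._clock() - entry[0] > self._timeout:
            del self._sessions[sid]     # idle too long: discard the session
            return None
        entry[0] = self._clock()        # each use refreshes the idle timer
        return entry[1]

    def is_valid(self, sid: str) -> bool:
        return self._data(sid) is not None

    def set(self, sid: str, key: str, value) -> bool:
        """Store value under key; False if the session is not valid."""
        data = self._data(sid)
        if data is None:
            return False
        data[key] = value
        return True

    def get(self, sid: str, key: str, default=None):
        """Read a session variable; default if the session or the key is missing."""
        data = self._data(sid)
        return default if data is None else data.get(key, default)

    def active_count(self) -> int:
        """Number of sessions that have not expired (expired ones are purged)."""
        now = self._clock()
        self._sessions = {sid: e for sid, e in self._sessions.items()
                          if now - e[0] <= self._timeout}
        return len(self._sessions)


if __name__ == "__main__":
    store = SessionStore()
    sid = store.start()
    store.set(sid, "FirstName", "Surbhi")
    store.set(sid, "LastName", "Aggarwal")
    print(sid, store.get(sid, "FirstName"), store.get(sid, "LastName"))
```

The store never accepts a SessionID it did not generate itself, which is the property the text relies on when it says a malicious user cannot use a new SessionID to reach an existing session.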
Internet Information Services
Internet Information Services (IIS) 6.0 is a powerful Web server that provides a highly reliable,
manageable, and scalable Web application infrastructure for all versions of Windows Server 2003.
SQL SERVER
DATABASE
A database management system, or DBMS, gives the user access to their data and helps them transform
the data into information. Such database management systems include dBase, Paradox, IMS and SQL
Server. These systems allow users to create, update and extract information from their
database.
A database is a structured collection of data. Data refers to the characteristics of people, things
and events. SQL Server stores each data item in its own field.
SQL Server Tables
SQL Server stores records relating to each other in a table. Different tables are created for the
various groups of information. Related tables are grouped together to form a database.
Primary Key
Every table in SQL Server has a field or a combination of fields that uniquely identifies each
record in the table. The unique identifier is called the Primary Key, or simply the Key. The primary
key provides the means to distinguish one record from all others in a table. It allows the user and the
database system to identify, locate and refer to one particular record in the database.
Relational Database
Sometimes all the information of interest to a business operation can be stored in one table. SQL
Server makes it very easy to link the data in multiple tables. This is what makes SQL Server a relational
database management system, or RDBMS. It stores data in two or more tables and enables you to define
relationships between the tables.
Foreign Key
When a field in one table matches the primary key of another table, it is referred to as a foreign key.
A foreign key is a field or a group of fields in one table whose values match those of the primary key of
another table.
Referential Integrity
Not only does SQL Server allow you to link multiple tables, it also maintains consistency
between them. Ensuring that the data among related tables is correctly matched is referred to as
maintaining referential integrity.
Data Abstraction
A major purpose of a database system is to provide users with an abstract view of the data. This
system hides certain details of how the data is stored and maintained. Data abstraction is divided into
three levels.
Physical level
This is the lowest level of abstraction at which one describes how the data are actually stored.
Conceptual Level
At this level of database abstraction, all the attributes and what data are actually stored are described,
together with the entities and the relationships among them.
View level
This is the highest level of abstraction at which one describes only part of the database.
Advantages of RDBMS
Redundancy can be avoided
Disadvantages of DBMS
A significant disadvantage of the DBMS system is cost.
Duplication of data.
FEATURES OF SQL SERVER (RDBMS):
SQL SERVER is one of the leading database management systems (DBMS) because it is the
only database that meets the uncompromising requirements of today's most demanding information
systems. From complex decision support systems (DSS) to the most rigorous online transaction
processing (OLTP) applications, even applications that require simultaneous DSS and OLTP access to the
same critical data, SQL Server leads the industry in both performance and capability.
SQL SERVER is a truly portable, distributed, and open DBMS that delivers unmatched performance,
continuous operation and support for every database.
SQL SERVER RDBMS is a high-performance, fault-tolerant DBMS which is specially designed for online
transaction processing and for handling large database applications.
NORMALIZATION
It is the process of converting a relation to a standard form. The process is used to handle the
problems that can arise due to data redundancy, i.e. repetition of data in the database, to maintain data
integrity, and to handle the problems that can arise due to insertion, update and deletion anomalies.
Decomposition is the process of splitting relations into multiple relations to eliminate anomalies
and maintain data integrity. To do this we use normal forms, or rules for structuring relations.
Insertion anomaly: inability to add data to the database due to the absence of other data.
Deletion anomaly: unintended loss of data due to the deletion of other data.
Update anomaly: data inconsistency resulting from data redundancy and partial update.
Normal Forms: these are the rules for structuring relations that eliminate anomalies.
8. IMPLEMENTATION
8.1 Module Description
Modules
1.
2.
3.
4.
5.
password. Each group member wants to upload and download his file, so he first generates a key for
cryptography.
KEY GENERATION
Our proxy re-signature scheme includes five algorithms: KeyGen, ReKey, Sign, ReSign and
Verify. In KeyGen, given the global parameters (e, p, G1, G2, g, w, H), a user uA selects a random
number and outputs a public key pk and a private key sk. The proxy generates a re-signing key as follows:
(1) the proxy generates a random number r and sends it to user uA; (2) user uA computes and sends r/a to
user uB, where skA = a; (3) user uB calculates and sends rb/a to the proxy, where skB = b; (4) the proxy
recovers rkA→B = b/a.
In our mechanism, by utilizing the idea of proxy re-signatures, once a user in the group is revoked, the cloud is able to re-sign the blocks that were signed by the revoked user with a re-signing key. As a result, the efficiency of user revocation can be significantly improved, and computation and communication resources of existing users can be saved. Meanwhile the cloud, which is not in the same trusted domain as the users, is only able to convert a signature of the revoked user into a signature of an existing user on the same block; it cannot sign arbitrary blocks on behalf of either the revoked user or an existing user.
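The ReKey exchange and the ReSign conversion described in the key-generation section and above, carried out in code. This is an added example, not the report's or the scheme's own code: it runs in the order-q subgroup of Z_p^* for a safe prime p = 2q + 1, a toy group chosen only because it needs no library. The real scheme lives in a pairing-friendly group and Verify checks e(sigma, g) = e(H(id) w^m, pk); a plain modular group has no pairing, so verify() below recomputes the signature from the signer's private key as a stand-in for that public check. The block identifiers, block contents, the element w and the key sizes are constructed for the example.

```python
import hashlib
import secrets

# Toy group parameters: safe prime p = 2q + 1, generator of the order-q subgroup.
def is_prime(n):
    """Deterministic Miller-Rabin, valid for n < 3.3e24 (far above our sizes)."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def safe_prime(start):
    """Smallest odd q >= start with q and 2q + 1 both prime; returns (p, q)."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

P, Q = safe_prime(1 << 61)   # group modulus p and subgroup order q
G = 4                        # 2^2 is a quadratic residue, so it has order q

def hash_to_group(data):
    """H: bytes -> subgroup of order q (squaring lands in the QR subgroup)."""
    h = int.from_bytes(hashlib.sha256(data).digest(), "big") % P
    return pow(h, 2, P) or G

W = hash_to_group(b"public parameter w")   # the public element w (constructed)

def keygen():
    """KeyGen: private key a in Z_q^*, public key g^a."""
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def block_exponent(block):
    """Map block content to the per-block value m in Z_q."""
    return int.from_bytes(hashlib.sha256(block).digest(), "big") % Q

def sign(sk, block_id, block):
    """Sign: sigma = (H(id) * w^m)^sk."""
    base = hash_to_group(block_id) * pow(W, block_exponent(block), P) % P
    return pow(base, sk, P)

def verify(sk, block_id, block, sigma):
    """Stand-in for the pairing check e(sigma, g) == e(H(id) w^m, pk):
    without a pairing we recompute with the signer's private key."""
    return sign(sk, block_id, block) == sigma

def rekey(sk_a, sk_b):
    """ReKey, the four-step exchange from the text. Returns rk_{A->B} = b/a
    and the three values that cross the wire, none of which is a or b alone."""
    r = secrets.randbelow(Q - 1) + 1           # (1) proxy picks r, sends it to A
    r_over_a = r * pow(sk_a, -1, Q) % Q        # (2) A sends r/a to B
    rb_over_a = r_over_a * sk_b % Q            # (3) B sends rb/a to the proxy
    rk = rb_over_a * pow(r, -1, Q) % Q         # (4) proxy divides out r
    return rk, (r, r_over_a, rb_over_a)

def resign(rk, sigma):
    """ReSign: sigma^(b/a) turns A's signature into B's on the same block."""
    return pow(sigma, rk, P)

def demo():
    """Revoke A: convert A's signature to B's, then show what rk does not allow."""
    a, _ = keygen()
    b, _ = keygen()
    bid, blk = b"block-0007", b"constructed shared block contents"
    sigma_a = sign(a, bid, blk)
    rk, _ = rekey(a, b)
    sigma_b = resign(rk, sigma_a)
    # A block the revoked user never signed: holding only rk (not b), the
    # proxy's best attempt, base^rk, does not verify under B's key.
    new_id, new_blk = b"block-0008", b"a block A never signed"
    base = hash_to_group(new_id) * pow(W, block_exponent(new_blk), P) % P
    attempt = pow(base, rk, P)
    return {
        "rk_is_b_over_a": rk == b * pow(a, -1, Q) % Q,
        "resigned_equals_fresh_b_signature": sigma_b == sign(b, bid, blk),
        "resigned_verifies_for_b": verify(b, bid, blk, sigma_b),
        "rk_alone_cannot_sign_new_block": not verify(b, new_id, new_blk, attempt),
    }
```

The property the text claims rests on the exponent algebra visible in rekey() and resign(): sigma_a^(b/a) = (H(id) w^m)^b is exactly what B would have produced, while the proxy's view of the exchange is r, r/a and rb/a, which yield b/a but not a or b individually.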
using System;
using System.Windows.Forms;

public class Test
{
    public Test()
    {
    }

    // Shows the custom dialog and returns the text the user entered,
    // or "0" when the dialog was closed without pressing OK.
    public String getMsgResult(String msg)
    {
        SomeCustomForm myForm = new SomeCustomForm(msg);
        myForm.Message = "";
        myForm.ShowDialog(new Form());
        if (myForm.DialogResult == DialogResult.OK)
        {
            Console.WriteLine(myForm.Message);
            return myForm.Message;
        }
        return "0";
    }
}

public class SomeCustomForm : System.Windows.Forms.Form
{
    private System.ComponentModel.Container components;
    private System.Windows.Forms.Button btnCancel;
    private System.Windows.Forms.Button btnOK;
    private System.Windows.Forms.Label label1;
    private System.Windows.Forms.TextBox txtMessage;
    private string msg;         // prompt shown in label1
    private string strMessage;  // text entered by the user, exposed as Message

    public SomeCustomForm(string msg)
    {
        this.msg = msg;
        InitializeComponent();
    }

    public string Message
    {
        get { return strMessage; }
        set { strMessage = value; }
    }

    protected override void Dispose(bool disposing)
    {
        if (disposing)
        {
            if (components != null)
            {
                components.Dispose();
            }
        }
        base.Dispose(disposing);
    }

    #region Windows Form Designer generated code
    private void InitializeComponent()
    {
        this.components = new System.ComponentModel.Container();
        this.label1 = new System.Windows.Forms.Label();
        this.btnOK = new System.Windows.Forms.Button();
        this.btnCancel = new System.Windows.Forms.Button();
        this.txtMessage = new System.Windows.Forms.TextBox();
        label1.Location = new System.Drawing.Point(12, 8);
        label1.Text = msg;
        label1.Size = new System.Drawing.Size(240, 48);
        label1.TabIndex = 1;
        // The report's listing omits the remaining designer settings; the
        // minimum needed for the dialog to return a result is restored here.
        txtMessage.Location = new System.Drawing.Point(12, 64);
        btnOK.Text = "OK";
        btnOK.Location = new System.Drawing.Point(12, 96);
        btnOK.DialogResult = System.Windows.Forms.DialogResult.OK;
        btnOK.Click += new System.EventHandler(this.btnOK_Click);
        btnCancel.Text = "Cancel";
        btnCancel.Location = new System.Drawing.Point(96, 96);
        btnCancel.DialogResult = System.Windows.Forms.DialogResult.Cancel;
        this.Controls.Add(this.btnCancel);
        this.Controls.Add(this.btnOK);
        this.Controls.Add(this.label1);
        this.Controls.Add(this.txtMessage);
    }
    #endregion

    protected void btnOK_Click(object sender, System.EventArgs e)
    {
        // OK button clicked: get the new message.
        strMessage = txtMessage.Text;
    }
}
9. TESTING
Software testing is a critical element of software quality assurance and represents the ultimate review of specification, design and coding. Testing is the process of executing a program with the intent of finding an error.
There are basically two testing approaches. One is black-box testing: knowing the specified function that a product has been designed to perform, tests can be conducted that demonstrate each function is fully operational. The other is white-box testing: knowing the internal workings of the product, tests can be conducted to ensure that the internal operation of the product performs according to specifications and that all internal components have been adequately exercised.
TESTING STRATEGIES
Testing is a set of activities that can be planned in advance and conducted systematically. Software testing is one element of verification and validation. Validation refers to a different set of activities that ensure that the software that has been built is traceable to customer requirements.
The main objective of software testing is to uncover errors. To fulfil this objective, a series of test steps, i.e. unit, integration, validation and system tests, are planned and executed.
UNIT TESTING
This testing method considers a module as a single unit and checks the unit at its interfaces and in its communication with other modules, rather than going into detail at statement level. Here the module is treated as a black box that takes some input and generates output. The outputs for a given set of input combinations are pre-calculated and compared with those generated by the module.
SYSTEM TESTING
Here all the pre-tested individual modules are assembled to create the larger system, and tests are carried out at system level to make sure that all modules work in synchrony with each other. This methodology helps in making sure that modules which run perfectly when checked individually also run in cohesion with the other modules.
INTEGRATION TESTING
Integration testing is a systematic technique for constructing the program structure while conducting tests to uncover errors associated with interfacing. The objective is to take the unit-tested modules and build the program structure dictated by the design. Without such a structure, errors surface in a seemingly endless loop of corrections. In incremental testing the program is constructed and tested in small segments, where errors are easier to isolate and correct.
Different incremental integration strategies are top-down integration, bottom-up integration and regression testing.
REGRESSION TESTING
Regression testing may be conducted manually by executing a subset of all test cases, or by using automated capture/playback tools that enable the software engineer to capture test cases and results for subsequent playback and comparison. The regression suite contains different classes of test cases.
VALIDATION TESTING
Validation testing demonstrates that the software traces to its requirements. This can be achieved through a series of black-box tests.
11. CONCLUSION
We proposed a new public auditing mechanism for shared data with efficient user
revocation in the cloud. When a user in the group is revoked, we allow the semi-trusted cloud to re-sign
blocks that were signed by the revoked user with proxy re-signatures. Experimental results show that the
cloud can improve the efficiency of user revocation, and existing users in the group can save a
significant amount of computation and communication resources during user revocation.