PUBLIC AUDITING FOR SHARED DATA WITH EFFICIENT USER REVOCATION IN THE CLOUD

1. INTRODUCTION
1.1 PROJECT OVERVIEW
With data storage and sharing services (such as Dropbox and Google Drive) provided by the
cloud, people can easily work together as a group by sharing data with each other. More specifically,
once a user creates shared data in the cloud, every user in the group is able to not only access and
modify shared data, but also share the latest version of the shared data with the rest of the group.
Although cloud providers promise a more secure and reliable environment to the users, the integrity of
data in the cloud may still be compromised, due to the existence of hardware/software failures and
human errors. To protect the integrity of data in the cloud, a number of mechanisms have been proposed.
In these mechanisms, a signature is attached to each block in data, and the integrity of data
relies on the correctness of all the signatures. One of the most significant and common features of these
mechanisms is to allow a public verifier to efficiently check data integrity in the cloud without
downloading the entire data, referred to as public auditing (or denoted as Provable Data Possession).
This public verifier could be a client who would like to utilize cloud data for particular purposes (e.g.,
search, computation, data mining, etc.) or a third party auditor (TPA) who is able to provide verification
services on data integrity to users. Most of the previous works focus on auditing the integrity of personal
data. Different from these works, several recent works focus on how to preserve identity privacy from
public verifiers when auditing the integrity of shared data. Unfortunately, none of the above
mechanisms considers the efficiency of user revocation when auditing the correctness of shared data in
the cloud. With shared data, once a user modifies a block, she also needs to compute a new signature for
the modified block. Due to the modifications from different users, different blocks are signed by
different users. For security reasons, when a user leaves the group or misbehaves, this user must be
revoked from the group.

MRITS Department of Computer Science & Engineering

1.2 SCOPE OF THE PROJECT


The scope of the project is as follows. By designing a new proxy re-signature scheme with nice
properties which traditional proxy re-signatures do not have, our mechanism is always able to check the
integrity of shared data without retrieving the entire data from the cloud. Moreover, our proposed
mechanism is scalable, which indicates it is not only able to efficiently support a large number of users
sharing data but also able to handle multiple auditing tasks simultaneously with batch auditing. In
addition, by taking advantage of Shamir Secret Sharing, we can also extend our mechanism into the
multi-proxy model to minimize the chance of misuse of re-signing keys in the cloud and improve
the reliability of the entire mechanism.

2. PROBLEM DEFINITION
2.1 EXISTING SYSTEM
In existing mechanisms, a signature is attached to each block in data, and the integrity of data
relies on the correctness of all the signatures. One of the most significant and common features of these
mechanisms is to allow a public verifier to efficiently check data integrity in the cloud without
downloading the entire data, referred to as public auditing (or denoted as Provable Data Possession).
This public verifier could be a client who would like to utilize cloud data for particular purposes
(e.g., search, computation, data mining, etc.) or a third-party auditor (TPA) who is able to provide
verification services on data integrity to users. Most of the previous works focus on auditing the
integrity of personal data. Different from these works, several recent works focus on how to preserve
identity privacy from public verifiers when auditing the integrity of shared data. Unfortunately, none of
the above mechanisms considers the efficiency of user revocation when auditing the correctness of
shared data in the cloud. With shared data, once a user modifies a block, she also needs to compute a
new signature for the modified block. Due to the modifications from different users, different blocks are
signed by different users. For security reasons, when a user leaves the group or misbehaves, this user
must be revoked from the group. As a result, this revoked user should no longer be able to access and modify
shared data, and the signatures generated by this revoked user are no longer valid to the group.
Therefore, although the content of shared data is not changed during user revocation, the blocks, which
were previously signed by the revoked user, still need to be re-signed by an existing user in the group.

DISADVANTAGES
When the number of re-signed blocks is quite large or the membership of the group is frequently
changing, the straightforward method may cost the existing user a huge amount of communication and
computation resources.

2.2 PROPOSED SYSTEM


We propose Panda, a novel public auditing mechanism for the integrity of shared data with
efficient user revocation in the cloud. In our mechanism, by utilizing the idea of proxy re-signatures,
once a user in the group is revoked, the cloud is able to re-sign the blocks, which were signed by the
revoked user, with a re-signing key. As a result, the efficiency of user revocation can be significantly
improved, and computation and communication resources of existing users can be easily
saved. Meanwhile, the cloud, which is not in the same trusted domain as each user, is only able to
convert a signature of the revoked user into a signature of an existing user on the same block, but it
cannot sign arbitrary blocks on behalf of either the revoked user or an existing user. By designing a new
proxy re-signature scheme with nice properties which traditional proxy re-signatures do not have, our
mechanism is always able to check the integrity of shared data without retrieving the entire data from
the cloud. Moreover, our proposed mechanism is scalable, which indicates it is not only able to
efficiently support a large number of users sharing data but also able to handle multiple auditing
tasks simultaneously with batch auditing. In addition, by taking advantage of Shamir Secret Sharing, we
can also extend our mechanism into the multi-proxy model to minimize the chance of misuse of re-signing keys in the cloud and improve the reliability of the entire mechanism.
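
The re-signing and multi-proxy ideas described above (and in Section 1.2), as an added Python example that is not code from the project: a toy re-signature in a small prime-order group, with the re-signing key split by Shamir Secret Sharing so that no single proxy holds it. The group parameters, all function names, the direct computation of the re-signing key, and the comparison against a signature made with the existing user's secret key (standing in for public verification) are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed toy parameters: P = 2Q + 1 is a safe prime and G generates the
# order-Q subgroup of squares mod P. Far too small for real use.
Q = 1019
P = 2 * Q + 1
G = 4


def hash_to_group(block_id, block):
    """Map (block identifier, block bytes) to a non-identity element of order Q."""
    digest = hashlib.sha256(block_id.encode() + b"\x00" + block).digest()
    base = 2 + int.from_bytes(digest, "big") % (P - 3)  # base in [2, P-2]
    return pow(base, 2, P)


def keygen():
    """Return (secret exponent, public key G^sk)."""
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)


def sign(sk, block_id, block):
    """Per-block signature: H(id, block)^sk."""
    return pow(hash_to_group(block_id, block), sk, P)


def rekey(sk_revoked, sk_existing):
    """Re-signing key: the ratio sk_existing / sk_revoked mod Q.
    Assumption: computed in one place here purely for brevity."""
    return sk_existing * pow(sk_revoked, -1, Q) % Q


def resign(rk, sigma):
    """Single-proxy conversion: sigma^rk turns H^a into H^b for the same block."""
    return pow(sigma, rk, P)


def split_key(secret, threshold, n):
    """Shamir-share `secret` over Z_Q: any `threshold` of `n` shares recover it."""
    if not 1 <= threshold <= n < Q:
        raise ValueError("need 1 <= threshold <= n < Q")
    coeffs = [secret] + [secrets.randbelow(Q) for _ in range(threshold - 1)]
    if threshold > 1:
        coeffs[-1] = secrets.randbelow(Q - 1) + 1  # keep degree exactly threshold-1
    return [(x, sum(c * pow(x, k, Q) for k, c in enumerate(coeffs)) % Q)
            for x in range(1, n + 1)]


def partial_resign(share, sigma):
    """One proxy raises the signature to its own share; it never sees rk."""
    x, y = share
    return x, pow(sigma, y, P)


def combine(partials):
    """Lagrange interpolation at 0, carried out in the exponent."""
    xs = [x for x, _ in partials]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate proxy index")
    result = 1
    for x_i, part in partials:
        lam = 1
        for x_j in xs:
            if x_j != x_i:
                lam = lam * x_j * pow((x_j - x_i) % Q, -1, Q) % Q
        result = result * pow(part, lam, P) % P
    return result


def demo():
    """Revoke user A: proxies convert A's signature into B's for the same block."""
    sk_a, _ = keygen()
    sk_b, _ = keygen()
    block_id, block = "file1:block7", b"constructed sample block"
    sigma_a = sign(sk_a, block_id, block)
    expected = sign(sk_b, block_id, block)  # stand-in for public verification
    shares = split_key(rekey(sk_a, sk_b), threshold=3, n=5)
    partials = [partial_resign(s, sigma_a) for s in shares]
    return {
        "single_proxy": resign(rekey(sk_a, sk_b), sigma_a) == expected,
        "three_of_five": combine(partials[:3]) == expected,
        "other_three": combine([partials[0], partials[2], partials[4]]) == expected,
        "two_only": combine(partials[:2]) == expected,  # below threshold
    }


if __name__ == "__main__":
    print(demo())
```

Any three of the five proxies produce the existing user's signature on the unchanged block, while two proxies acting together do not, which is the property the multi-proxy model relies on to limit misuse of the re-signing key.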

ADVANTAGES
This mechanism can significantly improve the efficiency of user revocation.

3. SOFTWARE REQUIREMENT SPECIFICATION


3.1 SOFTWARE INTERFACE


Operating System: Windows 7
IDE: Visual Studio 2010
Coding Language: C#.Net
Database: SQL Server 2008

3.2 HARDWARE INTERFACE


Processor: Pentium IV
Speed: 2.4 GHz
RAM: 1 GB
Hard disk: 80 GB

4. LITERATURE SURVEY
Literature survey is the most important step in the software development process. Before
developing the tool it is necessary to determine the time factor, economy and company strength. Once
these things are satisfied, then next steps are to determine which operating system and language can be
used for developing the tool. Once the programmers start building the tool, they need a lot of external
support. This support can be obtained from senior programmers, from books or from websites. Before
building the system, the above considerations are taken into account for developing the proposed
system.

5. FEASIBILITY STUDY
The feasibility of the project is analyzed in this phase and a business proposal is put forth with
a very general plan for the project and some cost estimates. During system analysis the feasibility study
of the proposed system is to be carried out. This is to ensure that the proposed system is not a burden to
the company. For feasibility analysis, some understanding of the major requirements for the system is
essential.
Three key considerations involved in the feasibility analysis are:
Technical Feasibility
Economical Feasibility
Operational Feasibility

5.1 TECHNICAL FEASIBILITY


In this step, we verify whether the proposed systems are technically feasible or not, i.e.,
whether all the technologies required to develop the system are readily available or not.
Technical Feasibility determines whether the organization has the technology and skills
necessary to carry out the project and how this should be obtained. The system can be feasible on
the following grounds:
All necessary technology exists to develop the system.
This system is highly flexible and it can be expanded further.
This system can give guarantees of accuracy, ease of use, reliability and data security.
This system can give instant response to inquiries.
Our project is technically feasible because all the technology needed for our project is
readily available.

5.2 ECONOMICAL FEASIBILITY


In this step, we verify which proposal is more economical. We compare the financial benefits
of the new system with the investment. The new system is economically feasible only when the financial
benefits are more than the investments and expenditure. Economical Feasibility determines whether the
project goal can be within the resource limits allocated to it or not. It must determine whether it is
worthwhile to proceed with the entire project or whether the benefits obtained from the new system are
not worth the costs. Financial benefits must equal or exceed the costs. In this issue, we should
consider:
The cost to conduct a full system investigation.
The cost of hardware and software for the class of application being considered.
The development tool.
The cost of maintenance, etc.
Our project is economically feasible because the cost of development is very minimal when
compared to financial benefits of the application.

5.3 OPERATIONAL FEASIBILITY


In this step, we verify different operational factors of the proposed systems, like manpower, time, etc.
Whichever solution uses fewer operational resources is the best operationally feasible
solution. The solution should also be operationally possible to implement. Operational Feasibility
determines whether the proposed system satisfies user objectives and can be fitted into the current system
operation. The present system Enterprise Resource Information System can be justified as Operationally
Feasible based on the following grounds:
The methods of processing and presentation are completely accepted by the clients since they
can meet all user requirements.
The clients have been involved in the planning and development of the system.
The proposed system will not cause any problem under any circumstances.
Our project is operationally feasible because the time requirements and personnel requirements are
satisfied. We are a team of three members and we worked on this project for three working months.

6. SYSTEM DESIGN
6.1 UML Diagrams


The UML is defined as a language for the following activities, applied to the artifacts of a
software-intensive system:

Visualization
Specification
Construction
Documentation


A conceptual model of UML
The three major elements of UML are
The UML basic building blocks
The rules that dictate how those building blocks may be put together.
Some common mechanisms that apply throughout the UML.
Basic building blocks of UML
The vocabulary of UML encompasses three kinds of building blocks:
Things
Relationships
Diagrams
Things
Things are the abstractions that are first-class citizens in a model. Relationships tie things together.
Diagrams group the interesting collection of things.
Things in UML: There are four kinds of things in UML:
1. Structural things
2. Behavioural things
3. Grouping things
4. Annotational things

These things are the basic object oriented building blocks of UML. They are used to write well-formed
models.

Relationships in the UML


There are four kinds of relationships in the UML:
1. Dependency
2. Association
3. Generalization
4. Realization

1. Dependency
This is a relationship between two classes in which one class is completely dependent on the
other class. Graphically it is represented by a dashed line with an arrow pointing to the class that is
being depended on.

2. Association
It is a relationship between instances of two classes. If there is an association between two
classes, then an instance of one class must know about the other in order to perform its work. In a
diagram, an association is a link connecting two classes. Graphically it is represented by a line as shown
below:

3. Generalization
An inheritance is a link indicating one class is a super class of the other. A generalization has a
triangle pointing to the super class. Graphically it is represented by a line with a triangle at the end as shown

4. Realization
It denotes the implementation of the functionality defined in one class by another class. To
show the relationship in UML, a broken line with an unfilled solid arrowhead is drawn from the class
that defines the functionality to the class that implements the function.

UML Diagrams
Diagrams play a very important role in UML. There are nine kinds of modeling diagrams as
follows:
1. Use case diagram
2. Class diagram
3. Sequence diagram
4. Activity diagram
5. State chart diagram
6. Object diagram
7. Collaboration diagram

6.1.1 USE CASE DIAGRAM

FIG. 6.1.1 Use Case Diagram For Group Member

A use case diagram is a graphic depiction of the interactions among the elements of a system. Use
case is a methodology used in system analysis to identify, clarify, and organize system requirements.
This is a use case diagram for the group member: registration, login, files, revoke, view profile,
logout.

6.1.2 CLASS DIAGRAM

FIG. 6.1.2 Class Diagram For Group Member

Class diagrams describe the static structure of a system, or how it is declared rather than how
it behaves. These diagrams contain classes and associations.

6.1.3 SEQUENCE DIAGRAM


FIG. 6.1.3 Sequence Diagram of Group Member

A sequence diagram is an interaction diagram that details how operations are carried out: what messages
are sent and when. Sequence diagrams are organized according to time. The time progresses as you go
down the page.

6.1.4 ACTIVITY DIAGRAM

FIG. 6.1.4 Activity Diagram of Registration

Activity diagrams render the activities of a class participating in behavior. These diagrams describe the
behavior of a class in response to internal processing rather than external events. Activity diagrams
describe the processing activities within a class.

6.2 ARCHITECTURE DIAGRAM


3-Tier Architecture is most commonly used to build web applications. In this model, the
browser acts as a client, middleware or an application server contains the business logic, and database
servers handle data functions. This approach separates business logic from display and data. The 3
layers are commonly known as: Presentation Layer (PL/UI), Business Logic Layer (BLL) and Data Access
Layer (DAL).

Analysis Model
The model that is basically being followed is the WATER FALL MODEL, which states that the
phases are organized in a linear order. First of all the feasibility study is done. Once that part is over, the
requirement analysis and project planning begin. If the system is an existing one and modification and
addition of a new module is needed, analysis of the present system can be used as the basic model.
The design starts after the requirement analysis is complete and the coding begins after the design is
complete. Once the programming is completed, the testing is done. In this model the sequence of
activities performed in a software development project is: Requirement Analysis, Project Planning,
System design, Detail design, Coding, Unit testing, System integration & testing.
Here the linear ordering of these activities is critical. At the end of a phase, the output of one phase is the
input of another phase. The output of each phase is to be consistent with the overall requirement of the
system. Some of the qualities of the spiral model are also incorporated, such as the people concerned with
the project reviewing the work done after completion of each phase.
The WATER FALL MODEL was chosen because all requirements were known beforehand and the
objective of our software development is the computerization/automation of an already existing manual
working system.

Water Fall Model

7. SYSTEM ENVIRONMENT
Microsoft.NET Framework
The .NET Framework is a new computing platform that simplifies application development
in the highly distributed environment of the Internet. The .NET Framework is designed to fulfill the
following objectives:

To provide a consistent object-oriented programming environment whether object code is stored
and executed locally, executed locally but Internet-distributed, or executed remotely.

To provide a code-execution environment that minimizes software deployment and versioning
conflicts.

To provide a code-execution environment that guarantees safe execution of code, including code
created by an unknown or semi-trusted third party.

To provide a code-execution environment that eliminates the performance problems of scripted
or interpreted environments.

To make the developer experience consistent across widely varying types of applications, such as
Windows-based applications and Web-based applications.

To build all communication on industry standards to ensure that code based on the .NET
Framework can integrate with any other code.

The .NET Framework has two main components: the common language runtime and the .NET
Framework class library. The common language runtime is the foundation of the .NET Framework. In
fact, the concept of code management is a fundamental principle of the runtime. Code that targets the
runtime is known as managed code, while code that does not target the runtime is known as unmanaged
code. The class library, the other main component of the .NET Framework, is a comprehensive,
object-oriented collection of reusable types that you can use to develop applications ranging from
traditional command-line or graphical user interface (GUI) applications to applications based on the
latest innovations provided by ASP.NET, such as Web Forms and XML Web services.
that can exploit both managed and unmanaged features. The .NET Framework not only provides several
runtime hosts, but also supports the development of third-party runtime hosts.

C#.NET
ACTIVE X DATA OBJECTS.NET
ADO.NET Overview
ADO.NET is an evolution of the ADO data access model that directly addresses user
requirements for developing scalable applications. It was designed specifically for the web with
scalability, statelessness, and XML in mind.
ADO.NET uses some ADO objects, such as the Connection and Command objects, and also introduces
new objects. Key new ADO.NET objects include the DataSet, DataReader, and DataAdapter.
The important distinction between this evolved stage of ADO.NET and previous data architectures is
that there exists an object -- the DataSet -- that is separate and distinct from any data stores. Because of
that, the DataSet functions as a standalone entity. You can think of the DataSet as an always
disconnected recordset that knows nothing about the source or destination of the data it contains. Inside
a DataSet, much like in a database, there are tables, columns, relationships, constraints, views, and so
forth.
A DataAdapter is the object that connects to the database to fill the DataSet. Then, it connects back to
the database to update the data there, based on operations performed while the DataSet held the data.
The OLE DB and SQL Server .NET Data Providers (System.Data.OleDb and System.Data.SqlClient)
that are part of the .Net Framework provide four basic objects: the Command, Connection,
DataReader and DataAdapter. In the remaining sections of this document, we'll walk through each
part of the DataSet and the OLE DB/SQL Server .NET Data Providers explaining what they are, and
how to program against them.
The following sections will introduce you to some objects that have evolved, and some that are new.
These objects are:
Connections: For connection to and managing transactions against a database.
Commands: For issuing SQL commands against a database.
Data Readers: For reading a forward-only stream of data records from a SQL Server
data source.
DataSets: For storing, remoting and programming against flat data, XML data and
relational data.
DataAdapters: For pushing data into a DataSet, and reconciling data against a
database.

When dealing with connections to a database, there are two different options: SQL Server .NET Data
Provider (System.Data.SqlClient) and OLE DB .NET Data Provider (System.Data.OleDb). In these
samples we will use the SQL Server .NET Data Provider. These are written to talk directly to Microsoft
SQL Server. The OLE DB .NET Data Provider is used to talk to any OLE DB provider (as it uses OLE
DB underneath).
ASP.NET
ASP.NET Introduction
ASP.NET is a server-side technology for creating dynamic web pages. This technology
basically uses scripting interspersed within HTML to generate information on the fly. The ASP
technology makes the web server active. The Web server does not merely act as a storehouse of Web
Pages, but actually creates HTML pages after the client has requested them. This implies that
ASP pages can not only display content that changes with time, but also retrieve information from
databases and other servers such as mail servers connected to the Web server at runtime (when a client is
waiting for a response) and display current information to the client.
The prime advantage of this technology is that Web Sites do not have to be updated constantly and
clients always have access to the current information. Of course, performance is affected, as the ASP
pages are parsed every time a client makes a request for them.
A Passive Web Server stores static Web Pages
An active Web Server generates dynamic Web Pages
Need for ASP.NET:
The main reasons that led to the development of ASP.NET can be briefly described as follows:
Language Independence
Support for programming
Support for Separation of Code and Content
Simplified Development
Client Platform Independence

New Application Models


ASP.NET extends your application's reach to new customers and partners.


XML Web Services
Mobile Web Device Support

Structure of ASP+ Pages


Code Blocks
Script code in an ASP+ page must be placed within a <script> section. It cannot be placed within <%
and %> script delimiters.
Secondly, only one language can be used to create a page. However, components written in other
languages can be used in a page.
Supported Languages
As of date, ASP+ supports VB, C#, C++ and JScript, and is expected to support Perl and COBOL among
others in future. The languages that are supported by ASP+ are the languages that are supported by
the .NET framework. These languages have compilers that compile the source code to intermediate
code format, which is understood by the CLR of the .NET framework.
Page Directives
Page directives are used to set the properties of the page individually. ASP+ pages accept multiple
directives. The page directive is the default directive. Apart from the Page Directive, ASP+ supports
Output Cache and Register directives.
Early Binding
This implies that if the type of an object or variable is known at compile time, the run time can
reserve appropriate storage space for the variable or object at compile time.
Early binding improves the performance as code is already compiled and can be executed directly. It
does not have to be compiled at runtime.
Client-Side Scripting
JavaScript and VBScript are generally used for client-side scripting. Client-side scripting
executes in the browser after the page is loaded. Using client-side scripting you can add some cool
features to your page. Both HTML and the script are together in the same file, and the script is
downloaded as part of the page, which anyone can view.
Server-Side Scripting
ASP.NET is purely server-side technology. ASP.NET code executes on the server before it is
sent to the browser. The code that is sent back to the browser is pure HTML and not ASP.NET code.
Like client-side scripting, ASP.NET code is similar in a way that it allows you to write your code
alongside HTML. Unlike client-side scripting, ASP.NET code is executed on the server and not in the
browser.
Web Controls
ASP+ provides an upgraded set of controls known as Web controls that provide a consistent
model. These controls are ultimately rendered as HTML on the client-side but have the added
functionality of ASP+. Web controls are of four basic types:

Intrinsic Controls
List Controls
Rich Controls
Validation Controls

Intrinsic Controls
These controls map to simple HTML elements when rendered on the client-side. They can
be of two types HTML elements that execute on the server-side, or ASP+ provides both types of controls
for flexibility.
List Controls
List controls are used to access and display data from data stores in a Web page.
ASP+ list controls can use server-side binding to automatically fill the lists with data. They can also
page the list, sort the contents, filter the list and select individual items.
They are of three types, Repeater, DataList and DataGrid.
ASP+ also provides two more types of list controls: RadioButtonList and CheckBoxList, but these are
specialized controls that are used in custom applications to display lists as radio buttons or check boxes.
Rich Controls
Rich controls are customized controls provided by ASP+ that provide high-level functionality
to developers. They include the Calendar control and the Ad Rotator control. Future releases of ASP+
are expected to provide controls such as Tree View, Image Generator, etc.
Validation Controls
Validation controls are used to check the data entered by users on both the client and server side. They
can be used in place of scripts. While scripts are commonly used for this purpose, they have to be
written specially for each Web form. The use of controls removes the need to write such scripts and
makes development simpler and faster.
General Validation
Customized Validation
Validation Summary
Server Application Development
Server-side applications in the managed world are implemented through runtime hosts.
Unmanaged applications host the common language runtime, which allows your custom managed code
to control the behavior of the server. This model provides you with all the features of the common
language runtime and class library while gaining the performance and scalability of the host server.
Server-side managed code
ASP.NET is the hosting environment that enables developers to use the .NET Framework to
target Web-based applications. However, ASP.NET is more than just a runtime host; it is a complete
architecture for developing Web sites and Internet-distributed objects using managed code. Both Web
Forms and XML Web services use IIS and ASP.NET as the publishing mechanism for applications, and
both have a collection of supporting classes in the .NET Framework.
Active Server Pages.NET
ASP.NET is a programming framework built on the common language runtime that can be
used on a server to build powerful Web applications. ASP.NET offers several important advantages over
previous Web development models:
Enhanced Performance.
World-Class Tool Support
Power and Flexibility
Simplicity
Manageability
Scalability and Availability
Customizability and Extensibility
Security
Language Support
The Microsoft .NET Platform currently offers built-in support for three languages: C#, Visual
Basic, and JScript.
ASP.NET Authentication
Authentication is the process of obtaining identification credentials such as name and password
from a user and validating those credentials against some authority. Once an identity has been
authenticated, the authorization process determines whether that identity has access to a given resource.
ASP.NET supports the authentication providers described in the following table.
Unexpected Input
Any program connected to the Internet may draw the attention of attackers who will attempt to crash it
or use it as a tool to gain unauthorized access to a company's resources.
The following are the top three types of unexpected input that a programmer must consider when coding
software.
SQL Injection
With SQL, a user can easily connect to a database and make searches, updates, additions,
deletions, and so on. This threat applies to every database server that uses SQL (Oracle, MySQL,
PostgreSQL, etc.)
SQL attacks can be used to gain access to a computer's file system. In fact, with a vulnerable
Microsoft SQL Server system, an attacker could take advantage of a built-in SQL command to install a
backdoor and remotely control the computer, in which case the attacker would "own" all the data stored
on the server. This server could then be used to create a bridge for the attacker from the Internet to an
internal network. There are many other methods of abusing applications using SQL injection techniques.
Deleting whole databases, updating account permissions, bypassing identification checks, and even
installing Trojan horses and viruses can be accomplished under the right conditions.

Protection and Prevention


SQL injection attacks work because of improper validation techniques. Any time input is taken
from a user, it must be checked at the server to ensure that it fits the expected mold.
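The server-side check described above, as an added example that is not part of the project's code: the same group-name input is run through a concatenated query, a bound-parameter query, and a pattern check followed by a bound query. It uses Python's sqlite3 so that it runs offline instead of SQL Server; the table, column and function names and the sample rows are assumptions, and parameter binding goes one step beyond the validation the text names.

```python
import re
import sqlite3

# Expected mold for a group name: letters, digits, '_' or '-', at most 32 chars.
GROUP_NAME = re.compile(r"[A-Za-z0-9_-]{1,32}")


def make_db():
    """In-memory table of uploaded files (constructed sample rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE files (name TEXT, grp TEXT)")
    db.executemany(
        "INSERT INTO files VALUES (?, ?)",
        [("design.doc", "alpha"), ("budget.xls", "alpha"), ("payroll.xls", "beta")],
    )
    return db


def list_files_concatenated(db, group):
    """Vulnerable: the input is pasted into the SQL text and can change its structure."""
    sql = "SELECT name FROM files WHERE grp = '" + group + "' ORDER BY name"
    return [row[0] for row in db.execute(sql)]


def list_files_bound(db, group):
    """The input travels as a bound parameter and is only ever compared as data."""
    sql = "SELECT name FROM files WHERE grp = ? ORDER BY name"
    return [row[0] for row in db.execute(sql, (group,))]


def list_files_checked(db, group):
    """Server-side check against the expected mold, then a bound query."""
    if not isinstance(group, str) or not GROUP_NAME.fullmatch(group):
        raise ValueError("group name does not fit the expected pattern")
    return list_files_bound(db, group)


def compare(db, group):
    """Run all three variants on one input and report what each one does."""
    results = {}
    for label, fn in (
        ("concatenated", list_files_concatenated),
        ("bound", list_files_bound),
        ("checked", list_files_checked),
    ):
        try:
            results[label] = fn(db, group)
        except (ValueError, sqlite3.Error) as exc:
            results[label] = type(exc).__name__
    return results


if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a normal name, one that rewrites the WHERE clause,
    # and an ordinary surname whose apostrophe breaks the concatenated query.
    for value in ("alpha", "alpha' OR '1'='1", "O'Neil"):
        print(repr(value), compare(db, value))
```

With the second input the concatenated query returns the files of every group, the bound query returns nothing, and the checked variant rejects the value before any SQL runs.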
Cross-Site Scripting (XSS) Attacks
This is only one type of attack that has impacted web application development. Cross-site
scripting attacks occur in everything from web-based email programs to bulletin board systems. Simply
put, if a web site allows user interaction, it could be vulnerable to this type of attack.
The Threat
When surfing the Internet or checking email, most people have a certain level of caution. The
problem is found in the fact that many sites don't properly filter user input. For example, at many
popular bulletin board sites, it's possible to post information using HTML.

Protection and Prevention


XSS is actually a two-pronged attack. On one side is the client computer targeted by the attacker
and on the other side is the server/web site used to relay the attack. The client can easily stop XSS by
disabling all scripting within the browser security controls. While this is a very simple procedure,
disabling all scripting affects browsing and may result in many sites being essentially non-functional.
Buffer Overflow Attacks
Attackers use this type of attack for two main reasons:
Causing a denial-of-service for a program or site
Manipulating the computer to execute code of the attacker's choice
The Threat
Once executed, a program automatically stakes out a chunk of the computer's memory (RAM) as
its own. It needs this memory for two reasons: to store and load data it requires while processing
information, and to keep track of the steps or commands it's currently executing.

Prevention
Much of the responsibility for buffer overflow attacks falls solely at the programmer's feet. In
short, many programmers don't properly protect their variables from unexpected input. To prevent most
buffer overflows, if not all, a program only has to validate all data before it processes it. While this
means that the program will require more thought, code, and testing, it will help prevent buffer overflow
attacks.
Features of ASP.NET

Better language support
Programmable controls
Event-driven programming
XML-based components
User authentication, with accounts and roles
Higher scalability
Increased performance - Compiled code
Easier configuration and deployment

Sessions
One of the challenges to developing a successful Web application is maintaining user
information over the course of a visit, or session, as the user moves from page to page in an
application. ASP.NET provides a solution for managing session information via the
System.Web.SessionState namespace.
Identifying a Session
The first time a user (or more aptly a client browser) requests an .aspx file within a given
application, ASP.NET assigns a SessionID that is used to uniquely identify and track each active browser
session.
Using a 120-bit string of URL-valid ASCII characters, SessionID values are dynamically generated
using a complex algorithm that guarantees uniqueness so that sessions do not collide, and randomness so
that a malicious user cannot use a new SessionID to calculate the identity of an existing session.
Lifetime of a Session
A session can begin in four ways:
A new session automatically starts whenever the server receives a request for an .aspx file in an
application that does not contain a valid SessionID cookie.
A user requests an .aspx file and the global.asax file for that application includes a Session_Start
event handler.
A user requests an .aspx file and the application's global.asax file uses the <object> tag to
instantiate an object with session scope.
A user stores a value in the Session object.
Session Variables
ASP.NET enables sharing of information across the pages of an application requested within the
same client session. This functionality is provided via the HttpSessionState class, which exposes a
dictionary of key=value pairs that can be used to store information that has to persist for the life of a given
session.
Storing Data in the Session object
To store a variable in the Session object, assign a value to a named entry in the Session object.
For example, the following commands store two new variables in the Session object:
Session["FirstName"] = "Surbhi";
Session["LastName"] = "Aggarwal";
To retrieve information from the Session object, access the named entry. You can store user preferences
in the Session object, and then access that preference to determine what page to return to the user.
Internet Information Services
Internet Information Services (IIS) 6.0 is a powerful Web server that provides a highly reliable,
manageable, and scalable Web application infrastructure for all versions of Windows Server 2003.

SQL SERVER
DATABASE
A database management system, or DBMS, gives the user access to their data and helps them transform
the data into information. Such database management systems include dBase, Paradox, IMS and SQL
Server. These systems allow users to create, update and extract information from their
database.
A database is a structured collection of data. Data refers to the characteristics of people, things
and events. SQL Server stores each data item in its own field.
SQL Server Tables
SQL Server stores records relating to each other in a table. Different tables are created for the
various groups of information. Related tables are grouped together to form a database.
Primary Key
Every table in SQL Server has a field or a combination of fields that uniquely identifies each
record in the table. The unique identifier is called the Primary Key, or simply the Key. The primary
key provides the means to distinguish one record from all others in a table. It allows the user and the
database system to identify, locate and refer to one particular record in the database.
Relational Database
Sometimes all the information of interest to a business operation can be stored in one table. SQL
Server makes it very easy to link the data in multiple tables. This is what makes SQL Server a relational
database management system, or RDBMS. It stores data in two or more tables and enables you to define
relationships between the tables.
Foreign Key
When a field in one table matches the primary key of another table, that field is referred to as a foreign key.
A foreign key is a field or a group of fields in one table whose values match those of the primary key of
another table.
Referential Integrity
Not only does SQL Server allow you to link multiple tables, it also maintains consistency
between them. Ensuring that the data among related tables is correctly matched is referred to as
maintaining referential integrity.
Data Abstraction

A major purpose of a database system is to provide users with an abstract view of the data. This
system hides certain details of how the data is stored and maintained. Data abstraction is divided into
three levels.
Physical level
This is the lowest level of abstraction at which one describes how the data are actually stored.
Conceptual Level
At this level of database abstraction, all the attributes, what data are actually stored, and the
entries and relationships among them are described.
View level
This is the highest level of abstraction at which one describes only part of the database.
Advantages of RDBMS
Redundancy can be avoided
Inconsistency can be eliminated
Data can be shared
Standards can be enforced
Security restrictions can be applied
Integrity can be maintained
Data independence can be achieved

Disadvantages of DBMS
A significant disadvantage of the DBMS system is cost.
Duplication of data.
FEATURES OF SQL SERVER (RDBMS):
SQL SERVER is one of the leading database management systems (DBMS) because it is the
only database that meets the uncompromising requirements of today's most demanding information
systems. From complex decision support systems (DSS) to the most rigorous online transaction
processing (OLTP) applications, even applications that require simultaneous DSS and OLTP access to the
same critical data, SQL Server leads the industry in both performance and capability.
SQL SERVER is a truly portable, distributed, and open DBMS that delivers unmatched performance,
continuous operation and support for every database.
SQL SERVER RDBMS is a high-performance, fault-tolerant DBMS which is specially designed for online
transaction processing and for handling large database applications.
NORMALIZATION
It is a process of converting a relation to a standard form. The process is used to handle the
problems that can arise due to data redundancy, i.e. repetition of data in the database, to maintain data
integrity, and to handle problems that can arise due to insertion, update and deletion anomalies.
Decomposing is the process of splitting relations into multiple relations to eliminate anomalies
and maintain data integrity. To do this we use normal forms, or rules for structuring relations.
Insertion anomaly: Inability to add data to the database due to absence of other data.
Deletion anomaly: Unintended loss of data due to deletion of other data.
Update anomaly: Data inconsistency resulting from data redundancy and partial update.
Normal Forms: These are the rules for structuring relations that eliminate anomalies.

First Normal Form:
A relation is said to be in first normal form if the values in the relation are atomic for every
attribute in the relation.
Second Normal Form:
A relation is said to be in second normal form if it is in first normal form and it satisfies
any one of the following rules.
1. Primary key is not a composite primary key
2. No non-key attributes are present
3. Every non-key attribute is fully functionally dependent on the full set of primary key.
Third Normal Form:
A relation is said to be in third normal form if there exist no transitive dependencies.

8. IMPLEMENTATION
8.1 Module Description
Modules
1. Group Member Registration & Login
2. Key Generation
3. Upload File to cloud
4. Download File from cloud
5. Public Auditing with User Revocation in Public Verifier

GROUP MEMBER REGISTRATION AND LOGIN


In this module, a group member wants to access his form. He first registers with his own
details, such as user name and password, and chooses the desired group. He then logs in with his user name and
password. Each group member wants to upload and download his files, so he first generates a key for
cryptography.

KEY GENERATION
Our proxy re-signature scheme includes five algorithms: KeyGen, ReKey, Sign, ReSign and
Verify. In KeyGen, given global parameters (e, p, G1, G2, g, w, H), a user uA selects a random
number, and outputs a public key pk and a private key sk. The proxy generates a resigning key as follows:
(1) the proxy generates a random number r and sends it to user uA; (2) user uA computes and sends r/a to
user uB, where skA = a; (3) user uB calculates and sends rb/a to the proxy, where skB = b; (4) the proxy
recovers rkA→B = b/a.

UPLOAD FILE TO CLOUD


After key generation, the group member browses for a file, which is then split into multiple blocks.
Here we encrypt each block with his public key and then generate a signature. Each block is attached with a
signature, a block identifier and a signer identifier. Specifically, if a single block is inserted or deleted,
the indices of the blocks that come after this modified block are all changed, and the change of those indices
requires the user to recompute signatures on those blocks, even though the content of those blocks is
not changed.

DOWNLOAD FILE FROM CLOUD


In this module, a group member wants to download a file, so he first gets the secret key for
decryption. If he enters the correct secret key, he can access the file; otherwise he is blocked by the cloud.
Such a user is called a revoked user by the cloud.

PUBLIC AUDITING WITH USER REVOCATION IN PUBLIC VERIFIER

In our mechanism, by utilizing the idea of proxy re-signatures, once a user in the group is
revoked, the cloud is able to re-sign the blocks, which were signed by the revoked user, with a resigning
key. As a result, the efficiency of user revocation can be significantly improved, and computation and
communication resources of existing users can be easily saved. Meanwhile, the cloud, who is not in the
same trusted domain with each user, is only able to convert a signature of the revoked user into a
signature of an existing user on the same block, but it cannot sign arbitrary blocks on behalf of either the
revoked user or an existing user.
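The four-message ReKey exchange from KEY GENERATION and the cloud-side re-signing described above, as an added example that is not the project's own code. It runs in a toy prime-order subgroup of Z_Q^* because the Python standard library has no pairings, so the pairing-based Verify is left out and the result is checked against a signature computed directly with uB's key. The parameters P and Q, the signature form sigma = (H(id) * w^m)^sk, the sample blocks and all function names are assumptions.

```python
import hashlib
import secrets

# Toy parameters constructed for this example: Q = 2*P + 1 is a safe prime and
# the order-P subgroup of squares in Z_Q^* stands in for the pairing group G1.
P, Q = 1019, 2039
G = 4  # g = 2^2 mod Q, generates the order-P subgroup
W = 9  # w = 3^2 mod Q, the second public group element


def hash_to_group(block_id):
    """H: map a block identifier to a non-identity element of the subgroup."""
    counter = 0
    while True:
        digest = hashlib.sha256(f"{block_id}|{counter}".encode()).digest()
        h = pow(int.from_bytes(digest, "big") % Q, 2, Q)
        if h > 1:
            return h
        counter += 1


def keygen():
    """KeyGen: sk is a random element of Z_P^*, pk = g^sk."""
    sk = secrets.randbelow(P - 1) + 1
    return sk, pow(G, sk, Q)


def sign(sk, block, block_id):
    """Sign (assumed form): sigma = (H(id) * w^m)^sk, m = block as an integer mod P."""
    m = int.from_bytes(block, "big") % P
    return pow(hash_to_group(block_id) * pow(W, m, Q) % Q, sk, Q)


def rekey(sk_a, sk_b):
    """ReKey: the four steps from the text; returns rk and what each party sent."""
    r = secrets.randbelow(P - 1) + 1       # (1) proxy picks r and sends it to uA
    r_over_a = r * pow(sk_a, -1, P) % P    # (2) uA sends r/a to uB
    rb_over_a = r_over_a * sk_b % P        # (3) uB sends rb/a to the proxy
    rk = rb_over_a * pow(r, -1, P) % P     # (4) proxy strips r, leaving b/a
    return rk, {"proxy->uA": r, "uA->uB": r_over_a, "uB->proxy": rb_over_a}


def resign(rk, sigma):
    """ReSign: sigma^(b/a) turns a signature under a into one under b."""
    return pow(sigma, rk, Q)


def build_store(keys, blocks):
    """blocks: (block_id, data, signer) tuples; returns the cloud's signed block table."""
    return [
        {"id": bid, "block": data, "signer": who, "sig": sign(keys[who], data, bid)}
        for bid, data, who in blocks
    ]


def revoke(store, revoked, successor, rk):
    """Cloud side of revocation: convert only the revoked user's signatures."""
    converted = 0
    for entry in store:
        if entry["signer"] == revoked:
            entry["sig"] = resign(rk, entry["sig"])
            entry["signer"] = successor
            converted += 1
    return converted


if __name__ == "__main__":
    sk_a, _ = keygen()
    sk_b, _ = keygen()
    # Constructed sample file: three blocks, two signed by uA and one by uB.
    store = build_store(
        {"uA": sk_a, "uB": sk_b},
        [("f1:0", b"alpha", "uA"), ("f1:1", b"bravo", "uB"), ("f1:2", b"charlie", "uA")],
    )
    rk, transcript = rekey(sk_a, sk_b)
    print("messages on the wire:", transcript)
    print("blocks re-signed by the cloud:", revoke(store, "uA", "uB", rk))
    print("all signatures now match uB:",
          all(e["sig"] == sign(sk_b, e["block"], e["id"]) for e in store))
```

Since rk = b/a, whoever holds rk together with b can compute a = b/rk, so the statement that the cloud cannot sign arbitrary blocks holds only while the cloud does not collude with a group member.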

8.2 Sample code


using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Windows.Forms;

namespace PandaGroupMember
{
    // Helper that shows a modal prompt and returns the text the user typed.
    class Test
    {
        public Test()
        {
        }

        // Returns the entered text on OK, or "0" when the dialog is cancelled.
        public String getMsgResult(String msg)
        {
            SomeCustomForm myForm = new SomeCustomForm(msg);
            myForm.Message = "";
            myForm.ShowDialog(new Form());
            if (myForm.DialogResult == DialogResult.OK)
            {
                Console.WriteLine(myForm.Message);
                return myForm.Message;
            }
            return "0";
        }
    }

    // Fixed-size dialog with a label, one text box and OK/Cancel buttons.
    public class SomeCustomForm : System.Windows.Forms.Form
    {
        private System.ComponentModel.Container components;
        private System.Windows.Forms.Button btnCancel;
        private System.Windows.Forms.Button btnOK;
        private System.Windows.Forms.Label label1;
        private System.Windows.Forms.TextBox txtMessage;
        String msg;

        public SomeCustomForm(String m1)
        {
            msg = m1;
            InitializeComponent();
            this.StartPosition = FormStartPosition.CenterParent;
        }

        private string strMessage;

        // Text shown in, and read back from, the text box.
        public string Message
        {
            get { return strMessage; }
            set
            {
                strMessage = value;
                txtMessage.Text = strMessage;
            }
        }

        protected override void Dispose(bool disposing)
        {
            if (disposing)
            {
                if (components != null)
                {
                    components.Dispose();
                }
            }
            base.Dispose(disposing);
        }

        #region Windows Form Designer generated code
        private void InitializeComponent()
        {
            this.components = new System.ComponentModel.Container();
            this.label1 = new System.Windows.Forms.Label();
            this.btnOK = new System.Windows.Forms.Button();
            this.btnCancel = new System.Windows.Forms.Button();
            this.txtMessage = new System.Windows.Forms.TextBox();
            label1.Location = new System.Drawing.Point(12, 8);
            label1.Text = msg;
            label1.Size = new System.Drawing.Size(240, 48);
            label1.TabIndex = 1;
            btnOK.Location = new System.Drawing.Point(16, 104);
            btnOK.DialogResult = System.Windows.Forms.DialogResult.OK;
            btnOK.Size = new System.Drawing.Size(96, 24);
            btnOK.TabIndex = 2;
            btnOK.Text = "OK";
            btnOK.Click += new System.EventHandler(this.btnOK_Click);
            btnCancel.Location = new System.Drawing.Point(152, 104);
            btnCancel.DialogResult = System.Windows.Forms.DialogResult.Cancel;
            btnCancel.Size = new System.Drawing.Size(96, 24);
            btnCancel.TabIndex = 3;
            btnCancel.Text = "Cancel";
            txtMessage.Location = new System.Drawing.Point(16, 72);
            txtMessage.TabIndex = 0;
            txtMessage.Size = new System.Drawing.Size(232, 20);
            this.Text = "Some Custom Dialog";
            this.MaximizeBox = false;
            this.AutoScaleBaseSize = new System.Drawing.Size(5, 13);
            this.FormBorderStyle = System.Windows.Forms.FormBorderStyle.FixedDialog;
            this.ControlBox = false;
            this.MinimizeBox = false;
            this.ClientSize = new System.Drawing.Size(266, 151);
            this.Controls.Add(this.btnCancel);
            this.Controls.Add(this.btnOK);
            this.Controls.Add(this.label1);
            this.Controls.Add(this.txtMessage);
        }
        #endregion

        protected void btnOK_Click(object sender, System.EventArgs e)
        {
            // OK button clicked.
            // get new message.
            strMessage = txtMessage.Text;
        }
    }
}

9. TESTING
Software testing is a critical element of software quality assurance and represents the ultimate
review of specification, design and coding. Testing is the process of executing a program with the intent
of finding an error.
There are basically two types of testing approaches.
One is black-box testing: knowing the specified function that a product has been designed to
perform, tests can be conducted that demonstrate each function is fully operational.
The other is white-box testing: knowing the internal workings of the product, tests
can be conducted to ensure that the internal operation of the product performs according to
specifications and all internal components have been adequately exercised.
TESTING STRATEGIES

Testing is a set of activities that can be planned in advance and conducted systematically.
Software testing is one element of verification and validation. Validation refers to a different set of
activities that ensure that the software that has been built is traceable to customer requirements.
The main objective of software testing is to uncover errors. To fulfill this objective, a series of test steps
(unit, integration, validation and system tests) are planned and executed.

UNIT TESTING
This testing method considers a module as a single unit and checks the unit at its interfaces and
its communication with other modules, rather than getting into details at statement level. Here the module
is treated as a black box, which takes some input and generates output. Outputs for a given set
of input combinations are pre-calculated and are generated by the module.
SYSTEM TESTING
Here all the pre-tested individual modules will be assembled to create the larger system and
tests are carried out at system level to make sure that all modules are working in sync with each
other. This testing methodology helps in making sure that all modules which are running perfectly when
checked individually are also running in cohesion with other modules.
INTEGRATED TESTING
Integrated testing is a systematic technique for constructing the program structure while
conducting tests to uncover errors that are associated with interfacing. The objective is to take unit-tested
modules and build a program structure that has been dictated by design. Here errors will appear in
an endless loop function. In incremental testing the program is constructed and tested in small segments
where the errors are isolated and corrected.
Different incremental integration strategies are top-down integration, bottom-up
integration, regression testing.
REGRESSION TESTING
Regression testing may be conducted manually by executing a subset of all test cases, or by using
automated capture/playback tools that enable the software engineer to capture the test cases and results for
subsequent playback and comparison. The regression suite contains different classes of test cases.
VALIDATION TESTING
Validation testing demonstrates traceability to the requirements of the software. This can be
achieved through a series of black box tests.

10. OUTPUT SCREENS

SCREEN 10.1: GROUP MEMBER LOGIN


Description: To login

SCREEN 10.2: GROUP MEMBER REGISTER


Description: To Register

SCREEN 10.3: GROUP MEMBER REGISTER


Description: Registered Successfully

SCREEN 10.4: GROUP MEMBER LOGIN


Description: To Login Successfully

SCREEN 10.5: GROUP MEMBER


Description: Shows how to upload and download and also their details

SCREEN 10.6: VIEW UPLOAD DETAILS


Description: To view the details of the uploaded files

SCREEN 10.7: VIEW DOWNLOAD DETAILS


Description: Views the details that are downloaded

SCREEN 10.8: VIEW UPLOAD FORM


Description: Enter the file name to be uploaded

SCREEN 10.9: UPLOAD FORM


Description: After clicking on the key generation the key is generated

SCREEN 10.10: UPLOAD FORM


Description: Shows the file which is uploaded

SCREEN 10.11: UPLOAD FORM


Description: Shows the file which is uploaded

SCREEN 10.12: VIEW UPLOAD DETAILS


Description: To view the details of the uploaded files

SCREEN 10.13: VIEW UPLOAD DETAILS


Description: To view the details of the uploaded files

SCREEN 10.14: DOWNLOADED FORM


Description: Shows the details to be entered for the file

SCREEN 10.15: DOWNLOADED FORM


Description: Shows the details indicating that we entered the wrong key

SCREEN 10.16: DOWNLOADED FORM


Description: Shows the details indicating that we entered the wrong key

SCREEN 10.17: DOWNLOADED FORM


Description: Shows the details indicating that we entered the wrong key

SCREEN 10.18: VIEW METADATA


Description: Shows the metadata details

SCREEN 10.19: VIEW KEY DETAILS


Description: Shows the username and its public key

SCREEN 10.20: VIEW REVOKED USER


Description: Views the revoked user

SCREEN 10.21: PUBLIC VERIFIER


Description: Shows the user name to be unrevoked

SCREEN 10.22: PUBLIC VERIFIER


Description: Shows the user is unrevoked

SCREEN 10.23: VIEW REVOKED USER


Description: Shows the user is revoked

SCREEN 10.24: DOWNLOADED FORM


Description: Enter the file which is to be downloaded

SCREEN 10.25: DOWNLOADED FORM


Description: Shows the file which is to be downloaded

SCREEN 10.26: CLOUD SERVER


Description: Shows the cloud server

SCREEN 10.27: VIEW GROUP MEMBERS


Description: Shows the group members

SCREEN 10.28: VIEW UPLOADED FILES


Description: Shows the file which is to be uploaded

SCREEN 10.29: VERIFY


Description: Enter the file which is to be verified

SCREEN 10.30: VERIFY


Description: Shows the file entered is safe

SCREEN 10.31: VERIFY


Description: Shows the file which is verified

SCREEN 10.32: MODIFY


Description: Enter the file which is modified

SCREEN 10.33: MODIFY


Description: The file to be modified is viewed

SCREEN 10.34: MODIFY


Description: Shows the file which is modified

SCREEN 10.35: VERIFY


Description: Used to verify

11. CONCLUSION
We proposed a new public auditing mechanism for shared data with efficient user
revocation in the cloud. When a user in the group is revoked, we allow the semi-trusted cloud to re-sign
blocks that were signed by the revoked user with proxy re-signatures. Experimental results show that the
cloud can improve the efficiency of user revocation, and existing users in the group can save a
significant amount of computation and communication resources during user revocation.
