Professional Documents
Culture Documents
IN CLOUD COMPUTING
MARCH- 2018
A SECURE DATA SELF-DESTRUCTION
SCHEME IN CLOUD COMPUTING
IN
By
MARCH- 2018
Forwarding Certificate
I hereby recommend that the project work prepared under my supervision by Saneyar
Tajjdeen Khazin (15BCA12005), Rakshak Singh (15BCA12022), Kavisara Pasertjit
(15TE11012) entitled ‘A Secure Data Self-Destructing Scheme in cloud computing’ be
accepted in partial fulfillment of the requirements for the degree of BACHELORS IN
COMPUTER APPLICATION.
MOHAMMED AMEENULLA
Internal Supervisor
Department of Computer Science & IT
Certificate of approval
Committee
On
Final Examination for
Evaluation of project work
DECLARATION
We affirm that the project work titled ‘A Secure Data Self-Destructing Scheme in cloud
computing’ being submitted in partial fulfillment for the award of BCA is the original
work carried out by us. It has not formed the part of any other project work submitted for
award of any degree or diploma, either in this or any other University.
With profound sense of gratitude and regards, We acknowledge with great pleasure the
guidance and support extended by Dr. Eshwaran Iyer, Dean, Jain Knowledge Campus,
Bangalore, Dr. B.A Vasu, Center Head, Jain Knowledge Campus Bangalore, Dr.
SJagannathan, Head, Department of Computer Science & IT, Jain University & Prof.
Achutha V, Department of Computer science & IT, Jain University, Bangalore for their
interest & encouragement towards the completions of this project
We would like to express our deep sense of gratitude to our coordinator Prof. Rashmi G
for her immense support and encouragement. Last but not the least our Guide Prof.
Mohammad Ameenulla, Assistant Professor, Department of BCA, Jain University,
Bangalore for his guidance and valuable time spent with us towards successful
completion of this project.
We would also thank our parents, friends & non-teaching staff for their support in
completing this project.
process and resources. Sharing of sensitive data in cloud environment has become a
major concern for all the cloud user and clouds service providers in term of privacy
aspect and security of the sensitive data that has been shared on cloud server. Since the
shared data in cloud server may contain user’s sensitive information such as personal
profile, financial data and health records. Thus, the information need to be well protected
to do further research in order to solve security issues when sharing of sensitive data in
cloud environment by trying from a different approach. SHA-1 algorithm is being used in
this project. In which, text will be taken as an input which then will passed to SHA-1
algorithm to generate the hash code as the output of the file. Thus, the input file is
encrypted. Additionally, the user-specified expiration time is provided for the file or text
to be access. The file will be securely self-destructed after the user-specified expiration
time.
ABBREVIATIONS
ABBREVIATIONS iii
1. Introduction 1-2
2. Review of Literature 3
2.1 Secure Data Self-Destructing Scheme 3
3. Scope 8-10
9. Appendix 32
Bibliography 39-40
1. INTRODUCTION
A Secure Data Self-Destructing Scheme in Cloud Computing will gives the security
for the files which is stored in cloud server. Cloud computing is considered as one of the
used to share data with known or unknown friend circle such as Dropbox, Google Drive,
Alicloud. In this case the security is an important characteristic of sharing of data in cloud
computing environment. The shared server in cloud data may contain user’ sensitive
information such as personal profile, financial data and health record. So, the information
Thus, it becomes major concern to protect privacy of the shared data in cloud
computing environment. In order to tackle this problem, it is very important that the
authorization period and provide fined grained access control during that particular
period.
Recent research has used various schemes such as KP-TSABE i.e. key policy
attribute-based encryption with time specified attributes. In which, every cipher text is
labeled with a time interval while private key is associated with a time instant. The cipher
text can only be decrypted if both the time instant is in the allowed time interval and the
attribute associated with the cipher text satisfy the key’s access structure. KP-TSABE
1
solve import security such as protect the privacy of those shared data in cloud, especially
and providing fine-grained access control during the period. Thus, sensitive data will be
securely self-destructed after a user-specified expiration time. And the data should only
do further research in order to solve some security issues when sharing of sensitive data
in cloud environment by trying from a different approach. SHA-1 algorithm has been
used. In which, file or text will be taken as an input which then will passed to SHA-1
algorithm to generate the hash code as the output of the file. Thus, the input file is
encrypted. Additionally, the user-specified expiration time is provided for the file or text
to be access. The text will be securely self-destructed after the user-specified expiration
time
2
2. REVIEW OF LITERATURE
2.1 Title: Survey on Secure Data Self-Destructing Scheme in Cloud
Computing
Abstract: The Cloud Computing is use for large amount of storage data, but
the main drawback is security and privacy of data in cloud computing. So this
computing.
Conclusion: The main focus is on the security issue and how to securely
outsource the data from cloud. To solve this problem in this paper we have
encryption decryption.
3
2.2 Title: An Efficient Key-Policy Attribute-Based Encryption Scheme
attributes and private keys are associated with access structures that
specify which cipher texts the key holder will be allowed to decrypt. In
most existing KP-ABE scheme, the cipher text size grows linearly with
propose a new KP-ABE construction with constant cipher text size. The
assumption.
4
2.3 Time-Specific Encryption
each time unit, a Time Instant Key (TIK). The sender of a message can specify
any time interval during the encryption process; the receiver can decrypt to
recover the message only if it has a TIK that corresponds to a time in that interval.
receivers are additionally equipped with private keys and either public keys or
identities, and where decryption now requires the use of the private key as well as
an appropriate TIK. We introduce security models for the plain, public-key and
identity based settings. We also provide constructions for schemes in the different
settings, showing how to obtain Plain TSE using identity-based techniques, how
and how to build schemes that are chosen-cipher text secure from schemes that
primitive, and discuss its relationships with existing primitives, such as Timed-
algorithm. The same key is used for both encryption and decryption. However,
5
AES is quite different from DES in a number of ways. The algorithm Rijndael
allows for a variety of block and key sizes and not just the 64 and 56 bits of DES’
block and key size. The block and key can in fact be chosen independently from
128, 160, 192, 224, 256 bits and need not be the same. The name of the standard
differences AES differs from DES in that it is not a feistel structure. Recall that in
a feistel structure, half of the data block is used to modify the other half of the
data block and then the halves are swapped. In this case the entire data block is
number of AES parameters depend on the key length. For example, if the key size
used is 128 then the number of rounds is 10 whereas it is 12 and 14 for 192 and
SHA-1 produces a 160-bit hash value or message digests from the inputted data
(data that requires encryption), which resembles the hash value of the MD5
where the need for data integrity is high. It is also used to index hash functions
7
3. SCOPE
authorization period. It is to ensure that the data is only be able to access by an authorized
user. Users want security to be seamless and transparent. Users’ top priority is access –
the ability to get the information they need to get their work done, as quickly and
conveniently as possible. The problem is that security and convenience will always
occupy opposite ends of a continuum; the more you have of one, the less you have of the
other.
manufacturers and storage service providers (SSPs) to describe products and services that
through redundancy involving where the data is stored and how it can be reached. Some
vendors describe the need to have a data center and a storage-centric rather than a server-
centric philosophy and environment. It is important to ensure that the authorized user can
have access to their data whenever they require the access it.
8
3.3 Security: Data security has consistently been a major issue in information
the data is located in different places even in all the globe. Data security and privacy
protection are the two main factors of user's concerns about the cloud technology.
Though many techniques on the topics in cloud computing have been investigated in both
academics and industries, data security and privacy protection are becoming more
industry, and business. A proposed system is to ensure the security to the data as the
authorized user can only access the data in a specified time. After expiration time, the
whereby data, or text, is transformed using encryption algorithms and is then placed on a
storage cloud. Cloud encryption is the transformation of a cloud service customer's data
into ciphertext. Cloud encryption is almost identical to in-house encryption with one
important difference -- the cloud customer must take time to learn about the provider's
policies and procedures for encryption and encryption key management. The cloud
encryption capabilities of the service provider need to match the level of sensitivity of the
data being hosted. In a proposed system, will be implementing encryption to the text or a
3.5 Integrity: Integrity, in the context of computer systems, refers to methods of ensuring
that data is real, accurate and safeguarded from unauthorized user modification. Integrity
9
is one of the five pillars of Information Assurance (IA). The other four are authentication,
be able to trust information. Untrusted data is devoid of integrity. Stored data must
remain unchanged within an information system (IS), as well as during data transport.
10
4. DESIGN METHODOLOGY OF THE PROPOSED WORK
11
OVERVIEW OF THE PROGRAM
START
USER INPUT AS A
TEXT/FILE
USER TIME
SPECIFIED
TIMER START
INPUT
TEXT/FILE IS
DISPLAYED
COUNTDOWN
TIME IS
DISPLAYED
Count down
reaches zero
ENCRYPTION
ALGORITHM
STOP
12
HTML, JAVA script, AJAX
START
Start timer()
YES
IF TIMER == 0
LENGTH
(if no value is enter)
Alert (Enter
NO a value)
IF INPUT ≠ NO
NUMERIC VALUE
Alert (Enter
YES a number)
BUTTON AND TIME
FIELD HIDDEN
HideElement()
( X/60 ) + ” “ + X%60
COUNTDOWN
DECREMENT
REMAIN == 1
DISPLAY MESSAGE
EACH INTERVAL
Display()
CallServlet()
STOP
13
5. RESOURCES AND TOOLS
HARDWARE REQUIREMENT:
SOFTWARE REQUIREMENT:
PowerShell
Bootstrap
XAMPP
Eclipse
(Cascading Style Sheets) are used in this project along with Bootstrap
the page while CSS are used for maintaining and designing layout,
color and fronts. This is because it allows one to adapt the presentation
14
to different types of devices. The separation of HTML from CSS
makes it easier to maintain sites, share style sheets across pages, and
the program for the timer take the input from the user as a time in
second i.e. numeric value. Once the timer starts, it would count down
the number of second that the user can view the text.
project, AJAX is used to call servlet to HTML. With Ajax, Web applications
can send and retrieve data from a server asynchronously (in the background)
without interfering with the display and behavior of the existing page. AJAX
15
6. IMPLEMENTATION AND RESULTS
Expression 1
Expression 2
In this part of the code (figure 6.1.1), we have creating javascript variable called
‘asyncRequest’. The function ‘startTimer()’ is used to take the input time (in
seconds) from the user; which is specified as ‘usertime’ in input field in html code in
returns the elements that has the ID attribute mentioned. Then, we compare the input
value. In case the user did not enter the value in the timer field; the program will show
an alert ‘please enter a value’ (figure 6.1.2). This can be seen in expression 1 in the
above figure. On the other hand, if the input is not a numeric value (figure 6.1.3) i.e. 0-
9 then it will again show an alert ‘please enter a number’ (expression 2). If the value
enter in field is numeric value; the program will proceed and refer to notifier. Thus,
16
Figure: 6.1.2 the time is not enter
17
6.2 String to SHA-1 algorithm implementation using servlet
The javax.servlet package contains many interfaces and classes that are used by
the servlet or web container. These are not specific to any protocol.
javax.servlet.http.
18
Expression 3
Expression 4
classes and methods. It also inherit the class doPost and doGet. Sampleservlet is a default
constructor. doPost is generally used to update or post some information to the HTTP
server(expression 3). In this proposed approach, we have used doPost to get the text. In
doPost parameters are sent in separate line. There is no maximum size for data.
‘Request.getParameter() is the method to get a value of the element that has the ID
attribute mentioned. ‘TextEncrypt’ is ID attribute which specified the text input by the
user in html code (figure 6.5.2). Variable ‘encText’ is used for inserting the value such as
19
Figure: 6.2.3 SHA-1 algorithm
SHA-1 algorithm is used to encrypt the text input by the user. In the proposed approach,
(security provider).
20
6.3 Servlet call function using AJAX
Expression 5
Expression 6
In figure 6.3.1, we have created a function i.e. ‘callServlet()’. Where the function in
servlet (figure 6.2.1) can be called by using AJAX. It allows to send and retrieve data
from a server asynchronously (in the background) without interfering with the display
and behavior of the existing page. In expression 5, we created a new object called
the ready state property change. In expression 6, ‘readystate’ and ‘status’ object
property is used to hold the status of XMLHttpRequest and to return the status-number of
== 200’ means request finish and response is ready and status is ‘OK’ then the program
can proceed forward. Then, it will get the value of the text to be encrypt and response
data in string by using ‘responseText’ object property. Open() and send() method are
21
6.4Hidden text field and button once the time starts
Expression 7
Expression 8
Expression 9
Expression 10
Expression 11
the buttons once the timer starts (figure 6.4.3). Hiding an element can be done by setting
field is read-only, or not. A read-only field cannot be modified. However, a user can tab
22
changeText() function (expression 9) is used to change the label of the text from ‘enter
the text to be encrypted’ to ‘ text will be encrypted when the timer counts down (figure
6.4.3).
the exact time i.e. seconds to minutes in case if the time more than 60 seconds is entered.
For instance, if the user input the time for 60 seconds, the program will convert it to
display the message at each time intervals such as 10 seconds left and 5 seconds left.
clearField() function is used to clear the value enter by the user in both text field and
23
ChangeText()
HideElment()
The buttons are hidden
24
6.5 HTML/CSS implementation using bootstrap
Expression 12
With HTML/CSS we have created GUI page according to what we have designed earlier
in the project.
<script> tag used to define the client-side script (java script). In this proposed project
<script tag> is used to both contains scripting statement as we shown in figure 6.3.1 and
figure 6.4.1.
<div> tag is used to group block-elements to format them with CSS. It defines a division
Class attribute specifies one or more class names for an HTML element. The class name
can be used by CSS and JavaScript to perform certain tasks for elements with the
specified class name. In figure 6.5.1, we have specified the class as ‘container’. It
25
contains various attributes such as label which is used to label the text ‘Enter the text to
be encrypted’. However, once the time start the label change. This is achieved through
Bootsrap CSS form is used in expression 12, to create a text area which allow the user to
input the text to be encrypted. ‘textEncrypt’ is the attribute ID for input text. ‘hidden’
hide the button and text field once the timer starts.
Then, we created another label ‘Enter the time limits’. Under that we have put the
inputs types for bootstrap form such as text and button. Text input type allow the user to
enter the time limit along with associates the value to attribute ID is ‘usertime’. Button
type is used to proceed the code on mouse click action. In other word, once the user click
on ‘encrypt’ button; startTimer() function will start executing. Clear button is used to
26
Label
Textarea to input the
test to be encrypted
Attribute ID:
textEncrypt
Label
Textarea to
enter the time Buttons on
mouse click
Attribute ID: action
usertime Figure: 6.5.2 output of implementation of HTML/CSS code
27
RESULT
Once the user input the text and time, the user should click on encrypt button.
The timer will start counting down and notify you at each intervals of when
the time will get over. When countdown time reaches zero the text will be
encrypted with SHA-1 algorithm. Thus, the user will not be able to view the
text again.
28
7. CONCLUSION
In this proposed project, we have used the idea of Self-Destruction scheme in cloud
The main proposed of this approach is to ensure that the text which is entered by the user
will be encrypted once the timer count reaches zero. we have successfully maintained the
integrity of the data with this approach as the text input by the user can no longer be alter
or access. Therefore, security in cloud information; in this case the text is achieved.
However, in this project we have developed only integrity aspect of the cloud security.
Thus, with further research we would be able to come up with a better idea for Self-
29
8. FUTURE SCOPE
One of the ways of implementing the self-destruct application is when users ask for
access to certain documents that are of sensitive nature. In this case, the server allows
access to the document along with a countdown time, which, once reaches zero,
automatically encrypts the data or the file that was requested. The scope of this is not just
limited to text, but also to the other form of data as well, including documents, media and
so on. One of the ways of developing this application even further is by using a top-down
or bottom approach which comes under the JAX-WS Web Service Development.
Another aspect that can be implemented is the different types of encryption algorithms
available. In this case, depending on the complexity and the size of the data, a suitable
algorithm can be selected and implemented. Available options could be AES, Blowfish,
IDEA etc.
EXAMPLE:
Procedure upload
Email: Email address of the user
Password: secret password for authentication
BEGIN
Check user_id
30
check for request or upload
if upload then
upload(file, timer, algorithm(key))
else
if file available
start countdown timer
Else
“Request denied”;
Endif
endif;
END;
31
9. APPENDIX
Expression 1
Expression 2
32
Figure: 6.1.3 the time entered is not numeric value
33
Figure: 6.2.2 httpServlet doPost
34
Figure: 6.3.1 Servlet call function using AJAX
35
Figure: 6.4.1 function to hidden button and text field
36
Figure: 6.4.3 Effect of code implementation
37
Label
Textarea to input the
test to be encrypted
Attribute ID:
textEncrypt
Label
Textarea to
enter the time Buttons on
mouse click
Attribute ID: action
usertime
Figure: 6.5.2 output of implementation of HTML/CSS code
38
BIBLIOGRAPHY
5. Gist. (2018). Hashing a String with SHA1 in Java. [online] Available at:
https://gist.github.com/giraam/7413306 [Accessed 7 Mar. 2018].
39
11. Servlets Tutorial. [online] Available
at:https://www.tutorialspoint.com/servlets/index.htm [Accessed 7 Mar. 2018] <
www.tutorialspoint.com. >.
13. What is difference between doGet() and doPost() ?. [online] Available at:
https://www.javatpoint.com/q/3714/what-is-difference-between-doget()-and-
dopost()-? [Accessed 7 Mar. 2018].
15. Xiong, J., Liu, X., Yao, Z., Ma, J., Li, Q., Geng, K. and Chen, P. (2014). A Secure
Data Self-Destructing Scheme in Cloud Computing. IEEE Transactions on Cloud
Computing, 2(4), pp.448-458.
40