A SECURE DATA SELF-DESTRUCTION SCHEME

IN CLOUD COMPUTING

DEPARTMENT OF COMPUTER SCIENCE & IT

JAIN KNOWLEDGE CAMPUS

JAIN UNIVERSITY
BANGALORE- 560069.

MARCH- 2018
 A SECURE DATA SELF-DESTRUCTION
SCHEME IN CLOUD COMPUTING

PROJECT REPORT SUBMITTED IN PARTIAL FULFILLMENT OF

THE REQUIREMENT FOR THE DEGREE OF

BACHELORS IN COMPUTER APPLICATION

(SPECIALIZATION IN CLOUD TECHNOLOGY AND
INFORMATION SECURITY)

IN

DEPARTMENT OF COMPUTER SCIENCE & IT

By

SANEYAR TAJJDEEN KHAZIN (15BCA12005)

RAKSHAK SINGH (15BCA12022)
KAVISARA PASERTJIT (15TE11012)

JAIN KNOWLEDGE CAMPUS

JAIN UNIVERSITY
BANGALORE- 560069. INDIA

MARCH- 2018
 Forwarding Certificate

I hereby recommend that the project work prepared under my supervision by Saneyar
Tajjdeen Khazin (15BCA12005), Rakshak Singh (15BCA12022), Kavisara Pasertjit
(15TE11012) entitled ‘A Secure Data Self-Destructing Scheme in cloud computing’ be
accepted in partial fulfillment of the requirements for the degree of BACHELORS IN
COMPUTER APPLICATION.

MOHAMMED AMEENULLA
Internal Supervisor
Department of Computer Science & IT
 Certificate of approval

The foregoing project work by Saneyar Tajjdeen Khazin (Registration Number

15BCA12005), Rakshak Singh (Registration Number 15BCA12022), Kavisara
Pasertjit (Registration Number 15TE11012), is hereby approved as a creditable study
carried out and presented in a manner satisfactory to warrant its acceptance as a pre-
requisite to the degree for which it has been submitted. It is understood that by this
approval the undersigned do not necessarily endorse or approve any statement made,
opinion expressed or conclusion drawn therein but approve only for the purpose for
which it is submitted.

Committee
On
Final Examination for
Evaluation of project work
 DECLARATION

We affirm that the project work titled ‘A Secure Data Self-Destructing Scheme in cloud
computing’ being submitted in partial fulfillment for the award of BCA is the original
work carried out by us. It has not formed the part of any other project work submitted for
award of any degree or diploma, either in this or any other University.

SANEYAR TAJJDEEN KHAZIN (15BCA12005)

RAKSHAK SINGH (15BCA12022)
KAVISARA PASERTJIT (15TE11012)
 ACKNOWLEDGEMENT
It is not the completion of project that is most important but more so, the interaction of
roles played by various people in the satisfactory completion. We take this opportunity to
express our deep gratitude and appreciation of all those who encouraged us to
successfully complete the project.

With profound sense of gratitude and regards, We acknowledge with great pleasure the
guidance and support extended by Dr. Eshwaran Iyer, Dean, Jain Knowledge Campus,
Bangalore, Dr. B.A Vasu, Center Head, Jain Knowledge Campus Bangalore, Dr.
SJagannathan, Head, Department of Computer Science & IT, Jain University & Prof.
Achutha V, Department of Computer science & IT, Jain University, Bangalore for their
interest & encouragement towards the completions of this project

We would like to express our deep sense of gratitude to our coordinator Prof. Rashmi G
for her immense support and encouragement. Last but not the least our Guide Prof.
Mohammad Ameenulla, Assistant Professor, Department of BCA, Jain University,
Bangalore for his guidance and valuable time spent with us towards successful
completion of this project.

We would also thank our parents, friends & non-teaching staff for their support in
completing this project.

SANEYAR TAJJDEEN KHAZIN (15BCA12005)

RAKSHAK SINGH (15BCA12022)
KAVISARA PASERTJIT (15TE11012)
 ABSTRACT
Cloud computing is an on demand accessing of server which store, manage

process and resources. Sharing of sensitive data in cloud environment has become a

major concern for all the cloud user and clouds service providers in term of privacy

aspect and security of the sensitive data that has been shared on cloud server. Since the

shared data in cloud server may contain user’s sensitive information such as personal

profile, financial data and health records. Thus, the information need to be well protected

from the third party.

In this project, the idea of ‘A Secure Data Self-Destructing Scheme’ is taken up

to do further research in order to solve security issues when sharing of sensitive data in

cloud environment by trying from a different approach. SHA-1 algorithm is being used in

this project. In which, text will be taken as an input which then will passed to SHA-1

algorithm to generate the hash code as the output of the file. Thus, the input file is

encrypted. Additionally, the user-specified expiration time is provided for the file or text

to be access. The file will be securely self-destructed after the user-specified expiration

time.
 ABBREVIATIONS

KP-TSABE key policy attribute-based encryption with time specified attributes

SHA-1 Secure Hash Algorithm 1

 CONTENTS

ABBREVIATIONS iii

1. Introduction 1-2

2. Review of Literature 3
2.1 Secure Data Self-Destructing Scheme 3

2.2 An Efficient Key-Policy Attribute-Based Encryption Scheme 4

2.3 Time-Specific Encryption 5

2.4 Advanced Encryption Standard 6

2.5 Secure Hash Algorithm 1 7

3. Scope 8-10

4. Design Methodology of Proposed work 11-13

5. Resource and Tools 14-15

6. Implementation and Results 16-28

7. Conclusion 29

8. Future Scope 30-31

9. Appendix 32

9.1 Code Snippet 33-38

Bibliography 39-40
 1. INTRODUCTION

A Secure Data Self-Destructing Scheme in Cloud Computing will gives the security

for the files which is stored in cloud server. Cloud computing is considered as one of the

next step in the evolution of on-demand information technology. Cloud computing is

used to share data with known or unknown friend circle such as Dropbox, Google Drive,

Alicloud. In this case the security is an important characteristic of sharing of data in cloud

computing environment. The shared server in cloud data may contain user’ sensitive

information such as personal profile, financial data and health record. So, the information

needs to be well protected from the third party.

Thus, it becomes major concern to protect privacy of the shared data in cloud

computing environment. In order to tackle this problem, it is very important that the

cloud service provider design a comprehensive solution to support user-defined

authorization period and provide fined grained access control during that particular

period.

Recent research has used various schemes such as KP-TSABE i.e. key policy

attribute-based encryption with time specified attributes. In which, every cipher text is

labeled with a time interval while private key is associated with a time instant. The cipher

text can only be decrypted if both the time instant is in the allowed time interval and the

attribute associated with the cipher text satisfy the key’s access structure. KP-TSABE

1
solve import security such as protect the privacy of those shared data in cloud, especially

in cross-cloud and big data environment by supporting user-defined authorization period

and providing fine-grained access control during the period. Thus, sensitive data will be

securely self-destructed after a user-specified expiration time. And the data should only

be accessed by only the authorized user.

In this project, the idea of ‘A Secure Data Self-Destructing Scheme’ is taken up to

do further research in order to solve some security issues when sharing of sensitive data

in cloud environment by trying from a different approach. SHA-1 algorithm has been

used. In which, file or text will be taken as an input which then will passed to SHA-1

algorithm to generate the hash code as the output of the file. Thus, the input file is

encrypted. Additionally, the user-specified expiration time is provided for the file or text

to be access. The text will be securely self-destructed after the user-specified expiration

time

2
 2. REVIEW OF LITERATURE
2.1 Title: Survey on Secure Data Self-Destructing Scheme in Cloud

Computing

Author: M.Bhandari, Pooja Chaudhari, Sonal Sonawane, Bhagyashree

Shetkar, Manisha Konde

Abstract: The Cloud Computing is use for large amount of storage data, but

the main drawback is security and privacy of data in cloud computing. So this

problem solve by using the Key Policy-Time Specified Attribute based

encryption (KPTSABE), secure data self-destructing scheme in cloud

computing.

Conclusion: The main focus is on the security issue and how to securely

outsource the data from cloud. To solve this problem in this paper we have

developed a secure scheme i.e. KP-TSABE which provides time specified

encryption decryption.

3
2.2 Title: An Efficient Key-Policy Attribute-Based Encryption Scheme

with Constant Cipher text Length

Author: Changji Wang and Jianfa Luo

Overview: Attribute-based encryption (ABE) is a new cryptographic

primitive which provides a promising tool for addressing the problem of

secure and fine-grained data sharing and decentralized access control.

Key-policy attribute-based encryption (KP-ABE) is an important type of

ABE, which enables senders to encrypt messages under a set of

attributes and private keys are associated with access structures that

specify which cipher texts the key holder will be allowed to decrypt. In

most existing KP-ABE scheme, the cipher text size grows linearly with

the number of attributes embedded in cipher text. In this paper, we

propose a new KP-ABE construction with constant cipher text size. The

access policy can be expressed as any monotone access structure.

Meanwhile, the cipher text size is independent of the number of cipher

text attributes, and the number of bilinear pairing evaluations is reduced

to a constant. We prove that our scheme is semantically secure in the

selective-set model based on the general Diffie-Hellman exponent

assumption.

4
2.3 Time-Specific Encryption

Author: Kenneth G. Paterson and Elizabeth A. Quaglia

Overview: In (Plain) TSE, a Time Server broadcasts a key at the beginning of

each time unit, a Time Instant Key (TIK). The sender of a message can specify

any time interval during the encryption process; the receiver can decrypt to

recover the message only if it has a TIK that corresponds to a time in that interval.

We extend Plain TSE to the public-key and identity-based settings, where

receivers are additionally equipped with private keys and either public keys or

identities, and where decryption now requires the use of the private key as well as

an appropriate TIK. We introduce security models for the plain, public-key and

identity based settings. We also provide constructions for schemes in the different

settings, showing how to obtain Plain TSE using identity-based techniques, how

to combine Plain TSE with public-key and identity-based encryption schemes,

and how to build schemes that are chosen-cipher text secure from schemes that

are chosen-plaintext secure. Finally, we suggest applications for our new

primitive, and discuss its relationships with existing primitives, such as Timed-

Release Encryption and Broadcast Encryption

2.4 Advanced Encryption Standard: Like DES, AES is also symmetric

algorithm. The same key is used for both encryption and decryption. However,

5
AES is quite different from DES in a number of ways. The algorithm Rijndael

allows for a variety of block and key sizes and not just the 64 and 56 bits of DES’

block and key size. The block and key can in fact be chosen independently from

128, 160, 192, 224, 256 bits and need not be the same. The name of the standard

is modified to AES-128, AES-192 or AES- 256 respectively. As well as these

differences AES differs from DES in that it is not a feistel structure. Recall that in

a feistel structure, half of the data block is used to modify the other half of the

data block and then the halves are swapped. In this case the entire data block is

processed in parallel during each round using substitutions and permutations. A

number of AES parameters depend on the key length. For example, if the key size

used is 128 then the number of rounds is 10 whereas it is 12 and 14 for 192 and

256 bits respectively.

2.5 Title: Secure Hash Algorithm 1

SHA-1 produces a 160-bit hash value or message digests from the inputted data

(data that requires encryption), which resembles the hash value of the MD5

algorithm. It uses 80 rounds of cryptographic operations to encrypt and secure a

data object. Some of the protocols that use SHA-1 include:

 Transport Layer Security (TLS)

 Secure Sockets Layer (SSL)

 Pretty Good Privacy (PGP)

 Secure Shell (SSH)

 Secure/Multipurpose Internet Mail Extensions (S/MIME)

6
 Internet Protocol Security (IPSec)

SHA-1 is commonly used in cryptographic applications and environments

where the need for data integrity is high. It is also used to index hash functions

and identify data corruption and checksum errors.

7
 3. SCOPE

3.1 Authentication: It is the process of granting access to confidential data to an

authorized user. A Secure data Self-Destructing scheme should support user-defined

authorization period. It is to ensure that the data is only be able to access by an authorized

user. Users want security to be seamless and transparent. Users’ top priority is access –

the ability to get the information they need to get their work done, as quickly and

conveniently as possible. The problem is that security and convenience will always

occupy opposite ends of a continuum; the more you have of one, the less you have of the

other.

3.2 Availability: Data availability is a term used by some computer storage

manufacturers and storage service providers (SSPs) to describe products and services that

ensure that data continues to be available at a required level of performance in situations

ranging from normal through "disastrous." In general, data availability is achieved

through redundancy involving where the data is stored and how it can be reached. Some

vendors describe the need to have a data center and a storage-centric rather than a server-

centric philosophy and environment. It is important to ensure that the authorized user can

have access to their data whenever they require the access it.

8
3.3 Security: Data security has consistently been a major issue in information

technology. In the cloud computing environment, it becomes particularly serious because

the data is located in different places even in all the globe. Data security and privacy

protection are the two main factors of user's concerns about the cloud technology.

Though many techniques on the topics in cloud computing have been investigated in both

academics and industries, data security and privacy protection are becoming more

important for the future development of cloud computing technology in government,

industry, and business. A proposed system is to ensure the security to the data as the

authorized user can only access the data in a specified time. After expiration time, the

data will be encrypted. Thus, no access to the data.

3.4 Encryption: Cloud encryption is a service offered by cloud storage providers

whereby data, or text, is transformed using encryption algorithms and is then placed on a

storage cloud. Cloud encryption is the transformation of a cloud service customer's data

into ciphertext. Cloud encryption is almost identical to in-house encryption with one

important difference -- the cloud customer must take time to learn about the provider's

policies and procedures for encryption and encryption key management. The cloud

encryption capabilities of the service provider need to match the level of sensitivity of the

data being hosted. In a proposed system, will be implementing encryption to the text or a

file by using hash algorithm in order to provide confidentiality to the data.

3.5 Integrity: Integrity, in the context of computer systems, refers to methods of ensuring

that data is real, accurate and safeguarded from unauthorized user modification. Integrity

9
is one of the five pillars of Information Assurance (IA). The other four are authentication,

availability, confidentiality and nonrepudiation. Data integrity maintenance is an

information security requirement. Integrity is a major IA component because users must

be able to trust information. Untrusted data is devoid of integrity. Stored data must

remain unchanged within an information system (IS), as well as during data transport.

10
4. DESIGN METHODOLOGY OF THE PROPOSED WORK

 Design for GUI (Graphic User Interface)

11
OVERVIEW OF THE PROGRAM

START

USER INPUT AS A
TEXT/FILE

USER TIME
SPECIFIED

TIMER START
INPUT
TEXT/FILE IS
DISPLAYED

COUNTDOWN
TIME IS
DISPLAYED

Count down
reaches zero

ENCRYPTION
ALGORITHM

STOP

12
HTML, JAVA script, AJAX

START

Start timer()

YES
IF TIMER == 0
LENGTH
(if no value is enter)
Alert (Enter
NO a value)

IF INPUT ≠ NO
NUMERIC VALUE

Alert (Enter
YES a number)
BUTTON AND TIME
FIELD HIDDEN
HideElement()

TEXT AREA BECOME

UNEDITABLE
ReadOnlyText()

( X/60 ) + ” “ + X%60

COUNTDOWN
DECREMENT
REMAIN == 1

DISPLAY MESSAGE
EACH INTERVAL
Display()
CallServlet()

STOP
13
 5. RESOURCES AND TOOLS

HARDWARE REQUIREMENT:

Processor: Core i5 processor 2.40GHz

Memory: 4GB RAM

Hard Disk: 1GB or above

SOFTWARE REQUIREMENT:

 Netbeans IDE 8.2

 Visual basic 6.0

 Visual studio code

 PowerShell

 Bootstrap

 XAMPP

 Eclipse

THE FOLLOWING IS THE PROGRAMING LANGUAGE USED:

 HTML/CSS: HTML (Hyper Text Markup Language)/ CSS

(Cascading Style Sheets) are used in this project along with Bootstrap

software to build GUI on webpage. HTML provides the structure of

the page while CSS are used for maintaining and designing layout,

color and fronts. This is because it allows one to adapt the presentation

14
 to different types of devices. The separation of HTML from CSS

makes it easier to maintain sites, share style sheets across pages, and

tailor pages to different environments.

 JAVA script: It is the programing language which is used for writing

the program for the timer take the input from the user as a time in

second i.e. numeric value. Once the timer starts, it would count down

the number of second that the user can view the text.

 Servlet: A servlet is a Java programming language class that is used to

extend the capabilities of servers that host applications accessed by

means of a request-response programming model. It is also used in

programing SHA-1 algorithm.

 AJAX (Asynchronous JavaScript And XML): In this proposed

project, AJAX is used to call servlet to HTML. With Ajax, Web applications

can send and retrieve data from a server asynchronously (in the background)

without interfering with the display and behavior of the existing page. AJAX

just uses a combination of:

o A browser built-in XMLHttpRequest object (to request data

from a web server)

o JavaScript and HTML DOM (to display or use the data)

15
 6. IMPLEMENTATION AND RESULTS

6.1 The timer code implementation using Javascript

Expression 1

Expression 2

Figure: 6.1.1 the timer code

In this part of the code (figure 6.1.1), we have creating javascript variable called

‘asyncRequest’. The function ‘startTimer()’ is used to take the input time (in

seconds) from the user; which is specified as ‘usertime’ in input field in html code in

figure 6.5.2. Additionally, we have used document.getElementById() method to

returns the elements that has the ID attribute mentioned. Then, we compare the input

value. In case the user did not enter the value in the timer field; the program will show

an alert ‘please enter a value’ (figure 6.1.2). This can be seen in expression 1 in the

above figure. On the other hand, if the input is not a numeric value (figure 6.1.3) i.e. 0-

9 then it will again show an alert ‘please enter a number’ (expression 2). If the value

enter in field is numeric value; the program will proceed and refer to notifier. Thus,

change the content of the notifier.

16
 Figure: 6.1.2 the time is not enter

Figure: 6.1.3 the time entered is not numeric value

17
 6.2 String to SHA-1 algorithm implementation using servlet

Figure: 6.2.1 importing servlet package

 The javax.servlet and javax.servlet.http packages represent interfaces and classes

for servlet api.

 The javax.servlet package contains many interfaces and classes that are used by

the servlet or web container. These are not specific to any protocol.

 The javax.servlet.http package contains interfaces and classes that are

responsible for http requests only.

 In this proposed approach, we have import ServletException class in javax.servlet

package. And import interface httpservletRequest and httpservletResponse in

javax.servlet.http.

18
 Expression 3
Expression 4

Figure: 6.2.2 httpServlet doPost

In Figure 6.2.2, HttpServlet is used to extend Sampleservlet class. It contains parameter,

classes and methods. It also inherit the class doPost and doGet. Sampleservlet is a default

constructor. doPost is generally used to update or post some information to the HTTP

server(expression 3). In this proposed approach, we have used doPost to get the text. In

doPost parameters are sent in separate line. There is no maximum size for data.

‘Request.getParameter() is the method to get a value of the element that has the ID

attribute mentioned. ‘TextEncrypt’ is ID attribute which specified the text input by the

user in html code (figure 6.5.2). Variable ‘encText’ is used for inserting the value such as

in expression 4 where ‘sha1(textEncrypt)’ function is called (show in figure 6.2.3) to

encrypt the ID attribute i.e. textEncrypt.

19
 Figure: 6.2.3 SHA-1 algorithm

SHA-1 algorithm is used to encrypt the text input by the user. In the proposed approach,

we have taken written code. Java.security.MessageDigest is the package for SHA-1

(security provider).

20
6.3 Servlet call function using AJAX

Expression 5

Expression 6

Figure: 6.3.1 Servlet call function using AJAX

In figure 6.3.1, we have created a function i.e. ‘callServlet()’. Where the function in

servlet (figure 6.2.1) can be called by using AJAX. It allows to send and retrieve data

from a server asynchronously (in the background) without interfering with the display

and behavior of the existing page. In expression 5, we created a new object called

‘XMLHttpRequest()’ for asyncResquest. We have also used XMLHttpResquest object

properties i.e. onreadystatechange which is used to define a function to be called when

the ready state property change. In expression 6, ‘readystate’ and ‘status’ object

property is used to hold the status of XMLHttpRequest and to return the status-number of

a request respectively. Thus, ‘asyncRequest.readystate == 4 && asyncRequest.status

== 200’ means request finish and response is ready and status is ‘OK’ then the program

can proceed forward. Then, it will get the value of the text to be encrypt and response

data in string by using ‘responseText’ object property. Open() and send() method are

XMLHttpRequest object used to send the request to a server.

21
6.4Hidden text field and button once the time starts

Expression 7

Expression 8

Expression 9

Expression 10

Expression 11

Figure: 6.4.1 function to hidden button and text field

In figure 6.4.1, hideElements() function used style.display = ‘none’ is created to hide

the buttons once the timer starts (figure 6.4.3). Hiding an element can be done by setting

the display property to none as shown in expression 7.

readOnlyText() function (expression 8) is the property sets or returns whether a text

field is read-only, or not. A read-only field cannot be modified. However, a user can tab

to it, highlight it, and copy the text from it.

22
changeText() function (expression 9) is used to change the label of the text from ‘enter

the text to be encrypted’ to ‘ text will be encrypted when the timer counts down (figure

6.4.3).

toMinuteandSecond() function (expression 10) used math.floor() function to round off

the exact time i.e. seconds to minutes in case if the time more than 60 seconds is entered.

For instance, if the user input the time for 60 seconds, the program will convert it to

minutes i.e. 1:00 minutes instead of showing 0.60 seconds.

setTimer() function is used as timer to decrement the countdown. It is also used to

display the message at each time intervals such as 10 seconds left and 5 seconds left.

clearField() function is used to clear the value enter by the user in both text field and

the time field as shown in figure6.4.2 .

Figure: 6.4.2 clearField() function

23
 ChangeText()

HideElment()
The buttons are hidden

Figure: 6.4.3 Effect of code implementation

24
 6.5 HTML/CSS implementation using bootstrap

Expression 12

Figure: 6.5.1 HTML code

With HTML/CSS we have created GUI page according to what we have designed earlier

in the project.

The following tags and attributes are used:

<script> tag used to define the client-side script (java script). In this proposed project

<script tag> is used to both contains scripting statement as we shown in figure 6.3.1 and

figure 6.4.1.

<div> tag is used to group block-elements to format them with CSS. It defines a division

or section in HTML code.

Class attribute specifies one or more class names for an HTML element. The class name

can be used by CSS and JavaScript to perform certain tasks for elements with the

specified class name. In figure 6.5.1, we have specified the class as ‘container’. It

25
contains various attributes such as label which is used to label the text ‘Enter the text to

be encrypted’. However, once the time start the label change. This is achieved through

changeText() function in figure 6.4.1.

Bootsrap CSS form is used in expression 12, to create a text area which allow the user to

input the text to be encrypted. ‘textEncrypt’ is the attribute ID for input text. ‘hidden’

attribute ID is associated with HideElement() function (figure 6.4.1) which is used to

hide the button and text field once the timer starts.

Then, we created another label ‘Enter the time limits’. Under that we have put the

inputs types for bootstrap form such as text and button. Text input type allow the user to

enter the time limit along with associates the value to attribute ID is ‘usertime’. Button

type is used to proceed the code on mouse click action. In other word, once the user click

on ‘encrypt’ button; startTimer() function will start executing. Clear button is used to

clear the user inputs.

26
 Label
Textarea to input the
test to be encrypted

Attribute ID:
textEncrypt

Label
Textarea to
enter the time Buttons on
mouse click
Attribute ID: action
usertime Figure: 6.5.2 output of implementation of HTML/CSS code

27
RESULT

Figure: 6.5.2 Final result of implementation with Hash code

Once the user input the text and time, the user should click on encrypt button.

The timer will start counting down and notify you at each intervals of when

the time will get over. When countdown time reaches zero the text will be

encrypted with SHA-1 algorithm. Thus, the user will not be able to view the

text again.

28
 7. CONCLUSION

In this proposed project, we have used the idea of Self-Destruction scheme in cloud

computing. We have implement the scheme by using SHA-1 algorithm approach.

Additionally, we have used various programing languages such as java script,

HTML/CSS, AJAX and servlet to implement this models.

The main proposed of this approach is to ensure that the text which is entered by the user

will be encrypted once the timer count reaches zero. we have successfully maintained the

integrity of the data with this approach as the text input by the user can no longer be alter

or access. Therefore, security in cloud information; in this case the text is achieved.

However, in this project we have developed only integrity aspect of the cloud security.

Thus, with further research we would be able to come up with a better idea for Self-

Destructing scheme in cloud computing.

29
 8. FUTURE SCOPE

One of the ways of implementing the self-destruct application is when users ask for

access to certain documents that are of sensitive nature. In this case, the server allows

access to the document along with a countdown time, which, once reaches zero,

automatically encrypts the data or the file that was requested. The scope of this is not just

limited to text, but also to the other form of data as well, including documents, media and

so on. One of the ways of developing this application even further is by using a top-down

or bottom approach which comes under the JAX-WS Web Service Development.

Another aspect that can be implemented is the different types of encryption algorithms

available. In this case, depending on the complexity and the size of the data, a suitable

algorithm can be selected and implemented. Available options could be AES, Blowfish,

IDEA etc.

EXAMPLE:

Procedure upload
Email: Email address of the user
Password: secret password for authentication

BEGIN

Check user_id

if user_id new then

Register the user to the system
else
validate user_id and password

30
check for request or upload

if upload then
upload(file, timer, algorithm(key))
else
if file available
start countdown timer
Else
“Request denied”;
Endif
endif;
END;

31
 9. APPENDIX

9.1 CODE SNIPET

Expression 1

Expression 2

Figure: 6.1.1 the timer code

Figure: 6.1.2 the time is not enter

32
Figure: 6.1.3 the time entered is not numeric value

Figure: 6.2.1 importing servlet package

33
Figure: 6.2.2 httpServlet doPost

Figure: 6.2.3 SHA-1 algorithm

34
Figure: 6.3.1 Servlet call function using AJAX

35
Figure: 6.4.1 function to hidden button and text field

Figure: 6.4.2 clearField() function

36
Figure: 6.4.3 Effect of code implementation

Figure: 6.5.1 HTML code

37
 Label
Textarea to input the
test to be encrypted

Attribute ID:
textEncrypt

Label
Textarea to
enter the time Buttons on
mouse click
Attribute ID: action
usertime
Figure: 6.5.2 output of implementation of HTML/CSS code

Figure: 6.5.2 Final result of implementation with Hash code

38
 BIBLIOGRAPHY

1. AJAX Send an XMLHttpRequest To a Server. [online] Available at:

https://www.w3schools.com/js/js_ajax_http_send.asp [Accessed 7 Mar. 2018].

2. AJAX Introduction. [online] Available at:

https://www.w3schools.com/js/js_ajax_intro.asp [Accessed 7 Mar. 2018].

3. Bootstrap CSS Forms Reference. [online] Available at:

https://www.w3schools.com/bootstrap/bootstrap_ref_css_forms.asp [Accessed 7
Mar. 2018].

4. Eprint.iacr.org. (2018). [online] Available at:

https://eprint.iacr.org/2010/347.pdf [Accessed 7 Mar. 2018].

5. Gist. (2018). Hashing a String with SHA1 in Java. [online] Available at:
https://gist.github.com/giraam/7413306 [Accessed 7 Mar. 2018].

6. HttpServlet class in Servlet - javatpoint. [online] Available

at:https://www.javatpoint.com/HttpServlet-class [Accessed 7 Mar. 2018].

7. Ijcsit.com. (2018). [online] Available at:

http://ijcsit.com/docs/Volume%207/vol7issue2/ijcsit2016070279.pdf [Accessed 7
Mar. 2018].

8. Ijana.in. (2018). [online] Available at:

http://www.ijana.in/Special%20Issue/TPID04.pdf [Accessed 7 Mar. 2018].

9. Math.floor(). [online] Available at: https://developer.mozilla.org/en-

US/docs/Web/JavaScript/Reference/Global_Objects/Math/floor [Accessed 7 Mar.
2018].

10. Pdgindia.com. (2018). [online] Available at:

http://pdgindia.com/uploads/a_secure_data_self-
destructing_scheme_in_cloud_computing276201635735.pdf [Accessed 7 Mar.
2018].

39
11. Servlets Tutorial. [online] Available
at:https://www.tutorialspoint.com/servlets/index.htm [Accessed 7 Mar. 2018] <
www.tutorialspoint.com. >.

12. Servlets Form Data. [online] Available at:

https://www.tutorialspoint.com/servlets/servlets-form-data.htm [Accessed 7 Mar.
2018].

13. What is difference between doGet() and doPost() ?. [online] Available at:
https://www.javatpoint.com/q/3714/what-is-difference-between-doget()-and-
dopost()-? [Accessed 7 Mar. 2018].

14. Wang, C. and Luo, J. (2018). An Efficient Key-Policy Attribute-Based Encryption

Scheme with Constant Ciphertext Length.

15. Xiong, J., Liu, X., Yao, Z., Ma, J., Li, Q., Geng, K. and Chen, P. (2014). A Secure
Data Self-Destructing Scheme in Cloud Computing. IEEE Transactions on Cloud
Computing, 2(4), pp.448-458.

40