Privacy-aware Personal Data Storage (P-PDS): Learning how to Protect User Privacy from
External Applications
1. INTRODUCTION
1.1. INTRODUCTION
Nowadays the personal data we digitally produce are scattered across different
online systems managed by different providers (e.g., online social media, hospitals,
banks, airlines, etc.). As a result, on the one hand users are losing control over their
data, whose protection is the responsibility of the data provider, and, on the
other, they cannot fully exploit their data, since each provider keeps a separate view
of them. To overcome this scenario, Personal Data Storage (PDS) has inaugurated a
substantial change to the way people can store and control their personal data, by
moving from a service-centric to a user-centric model.
PDSs enable individuals to collect into a single logical vault personal
information they are producing. Such data can then be connected and exploited by
proper analytical tools, as well as shared with third parties under the control of end
users. This view is also enabled by recent developments in privacy legislation and, in
particular, by the new EU General Data Protection Regulation (GDPR), whose art. 20
states the right to data portability, according to which the data subject shall have the
right to receive the personal data concerning him or her, which he or she has provided
to a controller, in a structured, commonly used and machine-readable format, thus
making possible data collection into a PDS.
Up to now, most of the research on PDS has focused on how to enforce user
privacy preferences and how to secure data when stored in the PDS (see Section 7
for more details). In contrast, the key issue of helping users to specify their privacy
preferences on PDS data has not so far been deeply investigated. This is a
fundamental issue since average PDS users are not skilled enough to understand how
to translate their privacy requirements into a set of privacy preferences. As several
studies have shown, average users might have difficulties in properly setting
potentially complex privacy preferences. For example, let us consider Facebook's
privacy settings, where users need to configure the options manually according to their
wishes. In , authors survey users' awareness, attitudes and privacy concerns on profile
information and find that only a small number of users change the default privacy
preferences on Facebook. Interestingly, in authors find that even when users have
changed their default privacy settings, the modified settings do not match their
expectations (these are reached only for 39% of users). Moreover, another survey in
has shown that Facebook users are not aware enough of the protection tools that are designed
to protect their personal data. According to their study, the majority (about 88%) of
users had never read the Facebook privacy policy. To help users protect their
PDS data, in , we have evaluated the use of different semi-supervised machine
learning approaches for learning the privacy preferences of PDS owners. The idea is to
find a learning algorithm that, after a training period by the PDS owner, returns a
classifier able to automatically decide if access requests submitted by third parties are
to be authorized or denied. In , we have shown that, among different semi-supervised
learning approaches, the one that best fits the considered scenario is ensemble
learning (see Section 2 for more details). Even though the identification of the
learning approach is an essential step, the design of a Privacy-aware Personal Data
Storage (P-PDS), that is, a PDS able to automatically take privacy-aware decisions on
third parties' access requests, requires further investigation. One critical aspect to
consider is the usability of the system. Even if semi-supervised techniques require less
user effort, compared to manually setting privacy preferences, they still require many
interactions with PDS owners to collect a good training dataset.
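The learning loop described above, as an added example that is not code from this report or from the cited papers: a small self-training ensemble that learns grant/deny decisions from a few owner-labelled access requests and defers to the owner when the ensemble is not confident. The request attributes (consumer, data, purpose), the one-attribute weak learners, the `ask_owner` fallback and all sample requests are assumptions made for illustration.

```python
from collections import Counter, defaultdict

# Assumed request attributes; the page does not list the features it uses.
FEATURES = ("consumer", "data", "purpose")


class Stump:
    """Weak learner: the owner's majority decision seen for one attribute value."""

    def __init__(self, feature):
        self.feature = feature
        self.seen = defaultdict(Counter)

    def fit(self, labelled):
        self.seen.clear()
        for request, decision in labelled:
            self.seen[request[self.feature]][decision] += 1
        return self

    def predict(self, request):
        counts = self.seen.get(request[self.feature])
        if not counts:
            return None                      # value never seen: abstain
        top = counts.most_common(2)
        if len(top) == 2 and top[0][1] == top[1][1]:
            return None                      # owner was inconsistent: abstain
        return top[0][0]


def vote(stumps, request):
    """Majority vote of the ensemble: (decision or None, agreeing, total votes)."""
    ballots = Counter(p for p in (s.predict(request) for s in stumps) if p)
    if not ballots:
        return None, 0, 0
    top = ballots.most_common(2)
    total = sum(ballots.values())
    if len(top) == 2 and top[0][1] == top[1][1]:
        return None, top[0][1], total        # split vote
    return top[0][0], top[0][1], total


def train(labelled, unlabelled, min_votes=2):
    """Self-training: adopt pseudo-labels only where the ensemble is unanimous."""
    labelled, pool = list(labelled), list(unlabelled)
    while True:
        stumps = [Stump(f).fit(labelled) for f in FEATURES]
        confident, rest = [], []
        for request in pool:
            decision, agree, total = vote(stumps, request)
            if decision and agree == total and total >= min_votes:
                confident.append((request, decision))
            else:
                rest.append(request)
        if not confident:
            return stumps, len(labelled)
        labelled.extend(confident)
        pool = rest


def decide(stumps, request, min_votes=2):
    """Grant or deny on a clear majority; otherwise defer to the PDS owner."""
    decision, agree, _ = vote(stumps, request)
    return decision if decision and agree >= min_votes else "ask_owner"


def req(consumer, data, purpose):
    return {"consumer": consumer, "data": data, "purpose": purpose}


# Constructed sample data: four owner-labelled requests, three unlabelled ones.
LABELLED = [
    (req("hospital", "health", "treatment"), "grant"),
    (req("advertiser", "location", "marketing"), "deny"),
    (req("bank", "financial", "billing"), "grant"),
    (req("advertiser", "health", "marketing"), "deny"),
]
UNLABELLED = [
    req("insurer", "financial", "billing"),
    req("advertiser", "contacts", "marketing"),
    req("hospital", "health", "research"),
]

if __name__ == "__main__":
    model, size = train(LABELLED, UNLABELLED)
    baseline, _ = train(LABELLED, [])
    new = req("insurer", "contacts", "marketing")
    print(size, decide(baseline, new), decide(model, new))
```

A request the ensemble cannot settle is never granted by default; it goes back to the owner, which is where the remaining owner interactions come from.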
2. LITERATURE SURVEY
1) B. C. Singh, B. Carminati, and E. Ferrari, “Learning privacy habits of pds
owners,” in Distributed Computing Systems (ICDCS), 2017 IEEE 37th
International Conference on. IEEE, 2017, pp. 151–161.
The concept of Personal Data Storage (PDS) has recently emerged as an
alternative and innovative way of managing personal data w.r.t. the service-centric
one commonly used today. The PDS offers a unique logical repository, allowing
individuals to collect, store, and give access to their data to third parties. The research
on PDS has so far mainly focused on the enforcement mechanisms, that is, on how
user privacy preferences can be enforced. In contrast, the fundamental issue of
preference specification has been so far not deeply investigated. In this paper, we do a
step in this direction by proposing different learning algorithms that allow a fine-
grained learning of the privacy aptitudes of PDS owners. The learned models are then
used to answer third party access requests. The extensive experiments we have
performed show the effectiveness of the proposed approach.
2) B. C. Singh, B. Carminati, and E. Ferrari, “A risk-benefit driven architecture
for personal data release,” in Information Reuse and Integration (IRI), 2016
IEEE 17th International Conference on. IEEE, 2016, pp. 40–49.
Personal data storages (PDSs) give individuals the ability to store their
personal data in a unified data repository and control release of their data to data
consumers. Being able to gather personal data from different data sources (e.g., banks,
hospitals), PDSs will play a strategic role in individual privacy management. As such,
PDS demands new privacy models for protecting personal data. In this paper, we
propose a new technical approach that empowers individuals to better control data in
PDS. Particularly, we present a privacy-aware PDS architecture by focusing on two
logical data zones based on the categories of personal data. Moreover, we propose a
strategy for regulating personal data release that takes into consideration both user
preferences and possible risks and benefits of the data release.
3. SYSTEM ANALYSIS
3.1 EXISTING SYSTEM
Oort is a user-centric cloud storage system that organizes data by users rather
than applications, considering global queries which find and combine relevant
data fields from relevant users. Moreover, it allows users to choose which
applications can access their own data, and which types of data are to be shared with
which users. Sieve allows users to upload encrypted data to a single cloud
storage. It utilizes a key-homomorphic scheme to provide cryptographically
enforced access control.
Amber has proposed an architecture where users can choose applications to
manipulate their data, but it does not mention either how the global queries
work or how the application providers interact with. In , authors developed a
user-centric framework that shares with third parties only the answers to a query
instead of the raw data. Mortier et al. have proposed a trusted platform called
Databox, which can manage personal data by a fine-grained access control
mechanism but does not focus on policy learning. Recently, proposed a
Blockchain-based Personal Data Store (BC-PDS) framework, which leverages
blockchain to secure the storage of personal data. However, all the above
proposals focus on access control enforcement, whereas they do not consider
user preference or policy learning.
Privacy preference enforcement has also been investigated in different
domains, such as social networks, where most of the platforms offer
users a privacy setting page to manually set their privacy preferences.
Research works have tried to alleviate the burden of this setting by exploiting
machine learning tools. For instance, have investigated the use of semi-supervised
and unsupervised approaches to automatically extract privacy settings in
social media. In , authors have considered location-based data. They have
compared the accuracy of manually set privacy preferences with that of an
automated mechanism based on machine learning. The results show that
machine learning approaches provide better results than user-defined policies.
Bilogrevic et al. also present a privacy preference framework that (semi)auto-
PRELIMINARY INVESTIGATION
The first and foremost strategy for development of a project starts from the
thought of designing a mail-enabled platform for a small firm in which it is easy and
convenient to send and receive messages, with a search engine, an address book
and also some entertaining games. When it is approved by the organization
and our project guide, the first activity, i.e., preliminary investigation, begins. The
activity has three parts:
Request Clarification
Feasibility Study
Request Approval
REQUEST CLARIFICATION
After the approval of the request to the organization and project guide,
with an investigation being considered, the project request must be examined to
determine precisely what the system requires.
Here our project is basically meant for users within the company
whose systems can be interconnected by the Local Area Network (LAN). In today’s
busy schedule, people need everything to be provided in a ready-made manner. So,
taking into consideration the vast use of the net in day-to-day life, the
corresponding development of the portal came into existence.
FEASIBILITY ANALYSIS
Economic Feasibility
Economic Feasibility or Cost-benefit is an assessment of the economic
justification for a computer-based project. As hardware was installed from the
beginning and for lots of purposes, the cost of hardware for the project is low. Since the
system is network based, any number of employees connected to the LAN within
that organization can use this tool at any time. The Virtual Private Network is to
be developed using the existing resources of the organization. So the project is
economically feasible.
Technical Feasibility
According to Roger S. Pressman, Technical Feasibility is the assessment of
the technical resources of the organization. The organization needs IBM compatible
machines with a graphical web browser connected to the Internet and Intranet. The
system is developed for a platform-independent environment. Java Server Pages,
JavaScript, HTML, SQL server and WebLogic Server are used to develop the system.
The technical feasibility has been carried out. The system is technically feasible for
development and can be developed with the existing facility.
3.4 MODULES OF PROJECT
3.4.1 DATA OWNER
In this module, the Data Owner registers with the cloud, logs in, and encrypts and
uploads a file to the cloud server. The Data Owner also performs the following operations:
register with a department (Cardiology, Nephrology, etc.) and specialist (Heart, Brain,
Kidney); log in and view profile; upload patient details
(pid, pname, paddress, dob, email, cno, age, hospitalname, Disease, blood group, Symptom,
attach disease file, attach user image) and encrypt all attributes except pname; select
the uploaded patient name details and set access control permission by selecting
Department and Profession; view all uploaded patient details with date and
time; and view all access control details provided, with date and time.
3.4.2 Ehealthcare CLOUD SERVER
In this module the cloud authorizes both the owner and the user and also
performs the following operations: view all patient details in decrypt mode;
view all access control details; view all transactions (like upload, download,
search); view secret key request and response details with date and time; view the
number of same disease in a chart; view patient rank in a chart; and view the number of
attackers accessing a patient with a wrong secret key.
3.4.3 Authority
In this module, the Authority performs the following operations: log in;
view owners and authorize; view users and authorize; list all secret key request
details, then generate and permit, with date and time; and list all attacker details
(access by wrong secret key) with date and time.
3.4.4 End USER
In this module, the user registers with the cloud, logs in, and performs the
following operations: register with a department (Cardiology, Nephrology, etc.) and
profession (like doctor, nurse, surgeon, etc.); log in and view profile; search patient
details by content keyword (patient files and details are displayed if access control is given);
request a secret key; list all secret key responses permitted by the Authority; and
download, an option that is given here only.
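The flow across the four modules above, as an added example that is not the project's own code: the owner sets access control by department and profession, the Authority issues a secret key on request, and the cloud server releases a record only when both checks pass, recording wrong-key attempts with date and time. The HMAC-based key derivation, the keyword search over the unencrypted pname, the class and method names and the sample record are assumptions; the encrypted attributes are treated as an opaque blob.

```python
import hashlib
import hmac
import json
import secrets
from datetime import datetime, timezone


class Authority:
    """Approves secret key requests and derives a key per (user, patient record)."""

    def __init__(self):
        self._master = secrets.token_bytes(32)   # never leaves the Authority
        self.permitted = set()                   # (user_id, pid) pairs approved

    def _derive(self, user_id, pid):
        # JSON framing keeps ("ab", "c") and ("a", "bc") from colliding.
        msg = json.dumps([user_id, pid]).encode()
        return hmac.new(self._master, msg, hashlib.sha256).hexdigest()

    def issue_key(self, user_id, pid):
        self.permitted.add((user_id, pid))
        return self._derive(user_id, pid)

    def check_key(self, user_id, pid, presented):
        if (user_id, pid) not in self.permitted:
            return False
        expected = self._derive(user_id, pid).encode()
        # Constant-time comparison: no timing hint about how much matched.
        return hmac.compare_digest(expected, str(presented).encode())


class CloudServer:
    def __init__(self, authority):
        self.authority = authority
        self.records = {}       # pid -> {"pname", "blob", "acl"}
        self.attack_log = []    # wrong-key attempts with date and time

    def upload(self, pid, pname, blob, acl):
        # blob stands for the owner-encrypted attributes; pname stays in clear.
        self.records[pid] = {"pname": pname, "blob": blob, "acl": set(acl)}

    def _allowed(self, user, pid):
        rec = self.records.get(pid)
        role = (user["department"], user["profession"])
        return rec if rec and role in rec["acl"] else None

    def search(self, user, keyword):
        """Return pids whose pname matches and whose ACL covers the user."""
        return sorted(pid for pid, rec in self.records.items()
                      if keyword.lower() in rec["pname"].lower()
                      and self._allowed(user, pid))

    def download(self, user, pid, key):
        rec = self._allowed(user, pid)
        if rec is None:
            return None         # no access control given: reveal nothing
        if not self.authority.check_key(user["id"], pid, key):
            self.attack_log.append({
                "user": user["id"], "pid": pid,
                "when": datetime.now(timezone.utc).isoformat(),
            })
            return None
        return rec["blob"]


def demo():
    authority = Authority()
    cloud = CloudServer(authority)
    # Constructed sample record and users.
    cloud.upload("p1", "Alice Rao", b"<ciphertext>", {("Cardiology", "Doctor")})
    doctor = {"id": "u1", "department": "Cardiology", "profession": "Doctor"}
    nurse = {"id": "u2", "department": "Nephrology", "profession": "Nurse"}
    key = authority.issue_key("u1", "p1")
    return {
        "doctor_search": cloud.search(doctor, "alice"),
        "nurse_search": cloud.search(nurse, "alice"),
        "good_key": cloud.download(doctor, "p1", key),
        "bad_key": cloud.download(doctor, "p1", "0" * 64),
        "nurse_download": cloud.download(nurse, "p1", key),
        "attackers": [(e["user"], e["pid"]) for e in cloud.attack_log],
    }


if __name__ == "__main__":
    print(demo())
```

Because the key is bound to both the user and the record, a key issued to one user is rejected when another user presents it, even for the same patient.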
5. SYSTEM DESIGN
5.1 INTRODUCTION
A Data Flow Diagram (DFD) is a graphical tool used to describe and analyze the movement of
data through a system, manual or automated, including the processes, stores of data, and
delays in the system. Data Flow Diagrams are the central tool and the basis from which other
components are developed. The transformation of data from input to output, through
processes, may be described logically and independently of the physical components
associated with the system. The DFD is also known as a data flow graph or a bubble
chart.
DFDs are the model of the proposed system. They should clearly show the
requirements on which the new system should be built. Later, during design activity,
this is taken as the basis for drawing the system’s structure charts. The basic
notation used to create DFDs is as follows:
1. Dataflow: Data move in a specific direction from an origin to a destination.
2. Process: People, procedures, or devices that use or produce (Transform) Data. The
physical component is not identified.
Mapping Constraints
An E-R diagram may define certain constraints to which the contents of a database must
conform.
Mapping Cardinalities
It expresses the number of entities to which another entity can be associated
via a relationship. For binary relationship sets between entity sets A and B, the
mapping cardinality must be one of the following:
One-to-one – An entity in A is associated with at most one entity in B, and an entity
in B is associated with at most one entity in A.
One-to-many – An entity in A is associated with any number in B. An entity in B is
associated with any number in A.
Many-to-many – Entities in A and B are associated with any number from each
other.
Cardinality: It indicates which type of relationship the business rule follows.
Connectivity: It specifies the type of notation with which the entities are connected on
both sides, that is, the one side or the many side.
5.2 DATA DICTIONARY
The data dictionary records the logical characteristics of the current system's data stores,
including name, description, aliases, contents, and organization. It identifies processes
where the data are used and where immediate access to information is required, and serves
as the basis for identifying database requirements during system design.
Uses of Data Dictionary
To manage the details in large systems.
To communicate a common meaning for all system elements.
To document the features of the system.
To facilitate analysis of the details in order to evaluate characteristics and
determine where system changes should be made.
To locate errors and omissions in the system.
5.3 UML DIAGRAMS
UML is a language for specifying, visualizing and constructing the artifacts of
a software system as well as for business models. UML was originally motivated by
the desire to standardize the disparate notational systems and approaches to software
design developed by Grady Booch, Ivar Jacobson and James Rumbaugh at Rational
Software in 1994-95. The UML notation is useful for graphically depicting Object
Oriented Analysis and Object Oriented Design modules. The Unified Modeling
Language is a standard language for specifying, visualizing, constructing and
documenting the software system and its components. It is a graphical language that
provides a vocabulary and set of semantics and rules. The UML focuses on the
conceptual and physical representation of the system. It captures the decisions and
understandings about systems that must be constructed. It is used to understand,
design, configure, maintain and control information about the systems.
An Overview of UML
The Unified Modeling Language is a language for
Visualizing.
Specifying.
Constructing.
Documenting.
UML Models
User model view
This view represents the system from the user’s perspective.
The analysis representation describes a usage scenario from the end-user’s
perspective.
Structural model view
In this model the data and functionality are viewed from inside the system.
This model view models the static structures.
Behavioral model view
It represents the dynamic or behavioral aspects of the system, depicting the
interactions or collaborations between various structural elements described in the user
model and structural model view.
Implementation model view
In this view the structural and behavioral aspects of the system are represented as
they are to be built.
Use Case is rendered as an ellipse with dashed lines, usually including only its name
as shown below.
Fig : Interface
Collaboration
Collaboration defines an interaction and is a society of roles and other
elements that work together to provide some cooperative behaviour that’s bigger than
the sum of all the elements. Graphically, collaboration is rendered as an ellipse with
dashed lines, usually including only its name as shown below.
Component
Component is a physical and replaceable part of a system that conforms to and
provides the realization of a set of interfaces. Graphically, a component is rendered as
a rectangle with tabs, usually including only its name, as shown below.
Behavioral Things
Behavioral things are the dynamic parts of UML models. These are the verbs
of a model, representing behavior over time and space.
Interaction
An interaction is a behavior that comprises a set of messages exchanged
among a set of objects within a particular context to accomplish a specific purpose.
Fig : Sample Interaction Diagram
State Machine
A state machine is a behavior that specifies the sequence of states an object or
an interaction goes through during its lifetime in response to events, together with its
responses to those events. Graphically, a state is rendered as a rounded rectangle,
usually including its name and its sub-states, if any, as shown below.
Fig : Dependency
Second, an association is a structural relationship that describes a set of links, a link
being a connection among objects. Aggregation is a special kind of association,
representing a structural relationship between a whole and its parts. Graphically, an
association is rendered as a solid line, possibly directed, occasionally including a
label, and often containing other adornments, such as multiplicity and role names.
Employer Employee
Fig : Association
Third, a generalization is a specialization/generalization relationship in which objects
of the specialized element are substitutable for objects of the generalized element (the
parent). In this way, the child shares the structure and the behavior of the parent.
Graphically a generalization relationship is rendered as a solid line with a hollow
arrowhead pointing to the parent.
Fig : Generalization
Fourth, a realization is a semantic relationship between classifiers, wherein one
classifier specifies a contract that another classifier guarantees to carry out. You’ll
encounter realization relationships in two places: between interfaces and the classes or
components that realize them, and between use cases and the collaborations that
realize them.
Fig : Realization
Each UML diagram is designed to let developers and customers view a software
system from a different perspective and in varying degrees of abstraction. Use Case
Diagram displays the relationship among actors and use cases.
Class Diagram models class structure and contents using design elements such as
classes, packages and objects. It also displays relationships such as containment,
inheritance, associations and others.
Interaction Diagrams
Sequence Diagram displays the time sequence of the objects participating in the
interaction. This consists of the vertical dimension (time) and horizontal dimension
(different objects).
end users. A class diagram is a collection of static modeling elements, such as classes
and their relationships, connected as a graph to each other and to their contents.
Class diagrams commonly contain the following things:
Classes.
Interfaces.
Collaborations.
Dependency, Generalization and association relationships.
Description
It contains
Object: It is represented as horizontal rectangle.
Object Lifeline: It represents the existence of an object at a particular instance of
time and is represented as
Focus of control: It is a tall, thin rectangle that shows the period of time during
which an object is performing an action.
It is a type of interaction diagram that shows the interaction between a set of objects, the
way they are linked to each other, and also the messages.
Action states represent the non-interruptible actions of objects. You can draw
an action state in SmartDraw using a rectangle with rounded corners.
Action Flow
Action flow arrows illustrate the relationships among action states.
Object Flow
Object flow refers to the creation and modification of objects by activities. An
object flow arrow from an action to an object means that the action creates or
influences the object.
Initial State
A filled circle followed by an arrow represents the initial action state.
Final State
An arrow pointing to a filled circle nested inside another circle represents the
final action state.
Branching
A diamond represents a decision with alternate paths. The outgoing alternates
should be labeled with a condition or guard expression. You can also label one of the
paths "else".
Synchronization
A synchronization bar helps illustrate parallel transitions. Synchronization is
also called forking and joining.
You can think of Java byte codes as the machine code instructions for the Java
Virtual Machine (Java VM). Every Java interpreter, whether it’s a development tool
or a Web browser that can run applets, is an implementation of the Java VM. Java
byte codes help make “write once, run anywhere” possible. You can compile your
program into byte codes on any platform that has a Java compiler. The byte codes can
then be run on any implementation of the Java VM. That means that as long as a
computer has a Java VM, the same program written in the Java programming
language can run on Windows 2000, a Solaris workstation, or on an iMac.
known as packages. The next section, What Can Java Technology Do?, highlights
what functionality some of the packages in the Java API provide.
The following figure depicts a program that’s running on the Java platform.
As the figure shows, the Java API and the virtual machine insulate the program from
the hardware.
Native code is code that after you compile it, the compiled code runs on a
specific hardware platform. As a platform-independent environment, the Java
platform can be a bit slower than native code. However, smart compilers, well-tuned
interpreters, and just-in-time byte code compilers can bring performance close to that
of native code without threatening portability.
What Can Java Technology Do?
The most common types of programs written in the Java programming
language are applets and applications. If you’ve surfed the Web, you’re probably
already familiar with applets. An applet is a program that adheres to certain
conventions that allow it to run within a Java-enabled browser.
However, the Java programming language is not just for writing cute,
entertaining applets for the Web. The general-purpose, high-level Java programming
language is also a powerful software platform. Using the generous API, you can write
many types of programs.
An application is a standalone program that runs directly on the Java platform.
A special kind of application known as a server serves and supports clients on a
network. Examples of servers are Web servers, proxy servers, mail servers, and print
servers. Another specialized program is a servlet. A servlet can almost be thought of
as an applet that runs on the server side. Java Servlets are a popular choice for
building interactive web applications, replacing the use of CGI scripts. Servlets are
similar to applets in that they are runtime extensions of applications. Instead of
working in browsers, though, servlets run within Java Web servers, configuring or
tailoring the server.
How does the API support all these kinds of programs? It does so with
packages of software components that provide a wide range of functionality. Every
full implementation of the Java platform gives you the following features:
The essentials: Objects, strings, threads, numbers, input and output,
data structures, system properties, date and time, and so on.
Applets: The set of conventions used by applets.
Networking: URLs, TCP (Transmission Control Protocol), UDP (User
Datagram Protocol) sockets, and IP (Internet Protocol) addresses.
Internationalization: Help for writing programs that can be localized
for users worldwide. Programs can automatically adapt to specific
locales and be displayed in the appropriate language.
Security: Both low level and high level, including electronic
signatures, public and private key management, access control, and
certificates.
Software components: Known as JavaBeans™, can plug into existing
component architectures.
Object serialization: Allows lightweight persistence and
communication via Remote Method Invocation (RMI).
Java Database Connectivity (JDBC™): Provides uniform access to a
wide range of relational databases.
The Java platform also has APIs for 2D and 3D graphics, accessibility,
servers, collaboration, telephony, speech, animation, and more. The following figure
depicts what is included in the Java 2 SDK.
includes its own header. The header includes the source and destination addresses.
The IP layer handles routing through an Internet. It is also responsible for breaking up
large datagrams into smaller ones for transmission and reassembling them at the other
end.
UDP
UDP is also connectionless and unreliable. What it adds to IP is a checksum
for the contents of the datagram and port numbers. These are used to give a
client/server model - see later.
TCP
TCP supplies logic to give a reliable connection-oriented protocol above IP. It
provides a virtual circuit that two processes can use to communicate.
Internet addresses
In order to use a service, you must be able to find it. The Internet uses an
address scheme for machines so that they can be located. The address is a 32 bit
integer which gives the IP address. This encodes a network ID and more addressing.
Network address
Class A uses 8 bits for the network address with 24 bits left over for other
addressing. Class B uses 16 bit network addressing. Class C uses 24 bit network
addressing and class D uses all 32.
Subnet address
Internally, the UNIX network is divided into sub networks. Building 11 is
currently on one sub network and uses 10-bit addressing, allowing 1024 different
hosts.
Host address
8 bits are finally used for host addresses within our subnet. This places a limit of 256
machines that can be on the subnet.
Total Address
The 32 bit address is usually written as 4 integers separated by dots.
Port addresses
A service exists on a host, and is identified by its port. This is a 16 bit number.
To send a message to a server, you send it to the port for that service of the host that it
is running on. This is not location transparency! Certain of these ports are "well
known".
Sockets
A socket is a data structure maintained by the system to handle network
connections. A socket is created using the call socket. It returns an integer that is like
a file descriptor. In fact, under Windows, this handle can be used with the ReadFile and
WriteFile functions.
#include <sys/types.h>
#include <sys/socket.h>
int socket(int family, int type, int protocol);
Here "family" will be AF_INET for IP communications, protocol will be zero, and
type will depend on whether TCP or UDP is used. Two processes wishing to
communicate over a network create a socket each. These are similar to two ends of a
pipe - but the actual pipe does not yet exist.
JFreeChart
JFreeChart is a free 100% Java chart library that makes it easy for developers
to display professional quality charts in their applications. JFreeChart's extensive
feature set includes:
A consistent and well-documented API, supporting a wide range of chart types;
A flexible design that is easy to extend, and targets both server-side and client-side
applications;
Support for many output types, including Swing components, image files
(including PNG and JPEG), and vector graphics file formats (including PDF, EPS and
SVG);
JFreeChart is "open source" or, more specifically, free software. It is distributed under
the terms of the GNU Lesser General Public Licence (LGPL), which permits use in
proprietary applications.
1. Map
Charts showing values that relate to geographical areas. Some examples
include: (a) population density in each state of the United States, (b) income per
capita for each country in Europe, (c) life expectancy in each country of the world.
The tasks in this project include:
Sourcing freely redistributable vector outlines for the countries of the world,
states/provinces in particular countries (USA in particular, but also other areas).
Creating an appropriate dataset interface (plus default implementation), a renderer,
and integrating this with the existing XYPlot class in JFreeChart;
Testing, documenting, testing some more, documenting some more.
Implement a new (to JFreeChart) feature for interactive time series charts --- to
display a separate control that shows a small version of ALL the time series data, with
a sliding "view" rectangle that allows you to select the subset of the time series data to
display in the main chart.
1. Dashboards
There is currently a lot of interest in dashboard displays. Create a flexible
dashboard mechanism that supports a subset of JFreeChart chart types (dials, pies,
thermometers, bars, and lines/time series) that can be delivered easily via both Java
Web Start and an applet.
2. Property Editors
The property editor mechanism in JFreeChart only handles a small subset of the
properties that can be set for charts. Extend (or reimplement) this mechanism to
provide greater end-user control over the appearance of the charts.
J2ME (Java 2 Micro edition)
Sun Microsystems defines J2ME as "a highly optimized Java run-time environment
targeting a wide range of consumer products, including pagers, cellular phones,
screen-phones, digital set-top boxes and car navigation systems." Announced in June
1999 at the JavaOne Developer Conference, J2ME brings the cross-platform
functionality of the Java language to smaller devices, allowing mobile wireless
devices to share applications. With J2ME, Sun has adapted the Java platform for
consumer products that incorporate or are based on small computing devices.
6.3 DATABASE
SQL Level API
The designers felt that their main goal was to define a SQL interface for Java.
Although not the lowest database interface level possible, it is at a low enough level
for higher-level tools and APIs to be created. Conversely, it is at a high enough level
for application programmers to use it confidently. Attaining this goal allows for future
tool vendors to “generate” JDBC code and to hide many of JDBC’s complexities from
the end user.
1. SQL Conformance
SQL syntax varies as you move from database vendor to database vendor. In an
effort to support a wide variety of vendors, JDBC will allow any query statement to
be passed through it to the underlying database driver. This allows the connectivity
module to handle non-standard functionality in a manner that is suitable for its users.
1. JDBC must be implementable on top of common database interfaces
The JDBC SQL API must “sit” on top of other common SQL level APIs. This goal
allows JDBC to use existing ODBC level drivers by the use of a software interface.
This interface would translate JDBC calls to ODBC and vice versa.
2. Provide a Java interface that is consistent with the rest of the Java system
Because of Java’s acceptance in the user community thus far, the designers
feel that they should not stray from the current design of the core Java system.
3. Keep it simple
This goal probably appears in all software design goal listings. JDBC is no
exception. Sun felt that the design of JDBC should be very simple, allowing for only
one method of completing a task per mechanism. Allowing duplicate functionality
only serves to confuse the users of the API.
4. Use strong, static typing wherever possible
Strong typing allows for more error checking to be done at compile time; also,
fewer errors appear at runtime.
5. Keep the common cases simple
Because more often than not, the usual SQL calls used by the programmer are
simple SELECT’s, INSERT’s, DELETE’s and UPDATE’s, these queries should be
simple to perform with JDBC. However, more complex SQL statements should also
be possible.
They are,
1. TABLE
2. QUERY
3. FORM
4. REPORT
5. MACRO
7. SOURCE CODE
Connect.jsp
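<title>Quantifying Political Leaning</title>
<%@ page import="java.sql.*"%>
<%@ page import="java.util.*" %>
<%
// Shared JDBC connection to the "ppds" MySQL database.
Connection connection = null;
try {
    // Load the MySQL JDBC driver class.
    Class.forName("com.mysql.jdbc.Driver");
    // Note: the MySQL root account and its password are hard-coded in this page.
    connection =
        DriverManager.getConnection("jdbc:mysql://localhost:3306/ppds","root","root");
    String sql="";
}
catch(Exception e)
{
    // Connection failures are written to the server console only.
    System.out.println(e);
}
%>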
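Connect.jsp above embeds the MySQL root account in the page, and the JDBC notes earlier point out that any query string is passed straight through to the driver. The following is an added example, not part of the project's source: it opens the same database with credentials taken from the environment, binds query input as a parameter, and keeps exception detail in the server log. The `PPDS_DB_*` variable names, the `PpdsDb` class, and the `owner` table with its `name` column are assumptions made for illustration; a MySQL JDBC driver is assumed to be on the classpath.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;

public final class PpdsDb {
    private static final Logger LOG = Logger.getLogger(PpdsDb.class.getName());

    /** Connection settings taken from the environment, not from page source. */
    static final class Settings {
        final String url, user, password;
        Settings(String url, String user, String password) {
            this.url = url; this.user = user; this.password = password;
        }
    }

    /** Validates the settings and rejects a root/root style setup. */
    static Settings load(Map<String, String> env) {
        // The PPDS_DB_* names are assumptions made for this example.
        String url = env.getOrDefault("PPDS_DB_URL", "jdbc:mysql://localhost:3306/ppds");
        String user = env.get("PPDS_DB_USER");
        String password = env.get("PPDS_DB_PASSWORD");
        if (user == null || user.isEmpty() || password == null || password.isEmpty()) {
            throw new IllegalStateException("PPDS_DB_USER and PPDS_DB_PASSWORD must be set");
        }
        if (user.equalsIgnoreCase("root") || password.equals(user)) {
            throw new IllegalStateException("use a dedicated low-privilege account with its own password");
        }
        return new Settings(url, user, password);
    }

    static Connection open(Settings s) throws SQLException {
        return DriverManager.getConnection(s.url, s.user, s.password);
    }

    /** Bound parameter instead of string concatenation; table and column are hypothetical. */
    static boolean ownerExists(Connection c, String ownerName) throws SQLException {
        try (PreparedStatement ps = c.prepareStatement("SELECT 1 FROM owner WHERE name = ?")) {
            ps.setString(1, ownerName);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next();
            }
        }
    }

    public static void main(String[] args) {
        try (Connection c = open(load(System.getenv()))) {
            System.out.println("owner found: " + ownerExists(c, "alice"));
        } catch (SQLException | IllegalStateException e) {
            LOG.log(Level.SEVERE, "database unavailable", e); // full detail stays in the server log
            System.out.println("Service temporarily unavailable."); // generic text for the client
        }
    }
}
```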
ow_access_control_per1.jsp
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Access Control Permission</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="css/style.css" rel="stylesheet" type="text/css" />
<link rel="stylesheet" type="text/css" href="css/coin-slider.css" />
<script type="text/javascript" src="js/cufon-yui.js"></script>
<script type="text/javascript" src="js/cufon-aller.js"></script>
<script type="text/javascript" src="js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="js/script.js"></script>
<script type="text/javascript" src="js/coin-slider.min.js"></script>
<script language="javascript" type="text/javascript">
</script>
<style type="text/css">
<!--
.style1 {
font-size: 25px;
color: #33FF99;
}
.style2 {font-size: 25px}
-->
</style>
</head>
<body>
<div class="main">
<div class="header">
<div class="header_resize">
<div class="logo">
<h1><a href="index.html" class="style1 style2">Privacy-aware Personal Data
Storage P-PDS Learning how to Protect User Privacy from External
Applications</a></h1>
</div>
<div class="menu_nav">
<ul>
<li><a href="index.html"><span>Home Page</span></a></li>
<li class="active"><a href="owner_login.jsp"><span>PDS
Owner</span></a></li>
<li><a href="user_login.jsp"><span>User</span></a></li>
<li><a href="cs_login.jsp"><span>Cloud Server</span></a></li>
<li><a href="au_login.jsp"><span>Authority</span></a></li>
</ul>
</div>
<div class="clr"></div>
<div class="slider">
<div id="coin-slider"> <a href="#"><img src="images/slide1.jpg" width="960"
height="320" alt="" /> </a> <a href="#"><img src="images/slide2.jpg" width="960"
}
catch (Exception e)
{
out.println(e.getMessage());
e.printStackTrace();
}
%>
<p> </p>
8. TESTING
8.1 INTRODUCTION
The purpose of testing is to discover errors. Testing is the process of trying to
discover every conceivable fault or weakness in a work product. It provides a way to
check the functionality of components, sub-assemblies, assemblies and/or a finished
product. It is the process of exercising software with the intent of ensuring that the
software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of tests. Each test type addresses a
specific testing requirement.
8.2 TYPES OF TESTING
8.2.1 Unit Testing
Unit testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program inputs produce valid outputs.
All decision branches and internal code flow should be validated. It is the testing of
individual software units of the application. It is done after the completion of an
individual unit, before integration. This is structural testing that relies on knowledge
of the unit's construction and is invasive. Unit tests perform basic tests at component
level and test a specific business process, application, and/or system configuration.
Unit tests ensure that each unique path of a business process performs accurately to
the documented specifications and contains clearly defined inputs and expected results.
8.2.2 Integration Testing
Integration tests are designed to test integrated software components to
determine if they actually run as one program. Testing is event driven and is more
concerned with the basic outcome of screens or fields. Integration tests demonstrate
that although the components were individually satisfactory, as shown by successful
unit testing, the combination of components is correct and consistent. Integration
testing is specifically aimed at exposing the problems that arise from the
combination of components.
8.2.3 Functional Test
Functional tests provide systematic demonstrations that functions tested are
available as specified by the business and technical requirements, system
documentation, and user manuals.
Test objectives
All field entries must work properly.
Pages must be activated from the identified link.
The entry screen, messages and responses must not be delayed.
Features to be tested
Verify that the entries are of the correct format
No duplicate entries should be allowed
All links should take the user to the correct page.
8.2.8 Integration Testing
Software integration testing is the incremental integration testing of two or
more integrated software components on a single platform to produce failures caused
by interface defects.
The task of the integration test is to check that components or software
applications, e.g. components in a software system or – one step up – software
applications at the company level – interact without error.
Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
8.2.9 Acceptance Testing
User Acceptance Testing is a critical phase of any project and requires
significant participation by the end user. It also ensures that the system meets the
functional requirements.
Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
| S. No. | TEST CASES | INPUT | EXPECTED RESULT | ACTUAL RESULT | STATUS |
|---|---|---|---|---|---|
| 1 | User Registration | Enter all fields | User gets registered | Registration is successful | Pass |
| 2 | User Registration | if user miss any field | User not registered | Registration is unsuccessful | Fail |
| 3 | User Login | Give the user name and password | User home page should be opened | User home Page has been opened | Pass |
| 4 | Cloud Login | Give Username and password | Cloud page should be opened | Cloud page has been opened | Pass |
| 5 | Data Owner Login | Give Username And Password | Data Owner Page has to Display | Login Successfully and Data Owner Page is Displayed | Pass |
| 6 | Upload Details | Enter All the Details | Details Should be Upload | Details Uploaded Successfully | Pass |
9. SCREENS
10. CONCLUSION
This paper proposes a Privacy-aware Personal Data Storage, able to
automatically take privacy-aware decisions on third parties' access requests in
accordance with user preferences. The system relies on active learning complemented
with strategies to strengthen user privacy protection. As discussed in the paper, we
ran several experiments on a realistic dataset exploiting a group of 360 evaluators.
The obtained results show the effectiveness of the proposed approach. We plan to
extend this work along several directions. First, we are interested in investigating how
P-PDS could scale in the IoT scenario, where access request decisions might depend
also on contexts, not only on user preferences. Also, we would like to integrate P-PDS
with cloud computing services (e.g., storage and computing) so as to design a more
powerful P-PDS while, at the same time, protecting users' privacy.
It is not possible to develop a system that meets all the requirements of the user. User
requirements keep changing as the system is being used. Some of the future enhancements that
can be done to this system are:
Sending the secret key to the user's mail is our future work.