ATTRIBUTE BASED DATA SHARING IN CLOUD COMPUTING

PROJECT REPORT

Submitted by

P.GOKUL RAJ 13RBECSE016

J.MUKESH KANNA 13RBECSE027

V.NAVEEN 13RBECSE031

In partial fulfillment for the award of the degree

of

BACHELOR OF ENGINEERING

in

COMPUTER SCIENCE AND ENGINEERING

KARPAGAM UNIVERSITY
(Karpagam Academy Higher Education)
COIMBATORE - 641021.
TAMILNADU, INDIA

MARCH 2017
 DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

This is to certify that the project entitled

ATTRIBUTE BASED DATA SHARING IN CLOUD COMPUTING

Is the bonafide record of project work done by

P.GOKUL RAJ 13RBECSE016

J.MUKESH KANNA 13RBECSE027

V.NAVEEN 13RBECSE031

Of B.E (Computer Science and Engineering) during the year 2016-2017

------------------------------------ ----------------------------------
Head of the Department Project Guide

Submitted for the Project Viva-Voce examination held on

----------------------------- ----------------------------
Internal Examiner External Examiner
 ACKNOWLEDGMENT
We thank our beloved Chancellor Dr.R. Vasanthakumar., is the back bone of institution for
providing everything and us in carrying out this main project report.

.We thank our beloved Vice Chancellor Dr.S.Sudalaimuthu., who is the back bone of institution
for providing everything and us in carrying out this main project report.

I sincerely thank Dr.G.Sekar., Registrar for mentoring is in the best possible ways and
encouraging us in all aspects of curriculum and co-curriculum activities

We thank our beloved Chief Executive officer Dr.,Shri.K.Murugaiah., is the back bone of
institution for providing everything and us in carrying out this main project report

If word are considered to as symbols of approval and token of acknowledges, then led the words
play the heralding role of expressing my gratitude.

I express my sense of gratitude to our Dean Dr.D.Lakshmanan., for providing me an

opportunity to undertake this main project report.

I am highly indebted to acknowledge my deep sense of gratitude to Dr.M.Mohanapriya , Head

,Department of Computer Sience and Engineering for his valuable guidance for the successful
completion of this main project.

I feel great pleasure in owing sincere thanks to my project co-ordinator Dr.R.Santhosh ,and
Dr.B.ArunKumar, Assistant professor ,Department of Computer Science and Engineering for his
constant encouragement to carry out the main project report to great success

I feel great pleasure in owing sincere thanks to my project guide Mr.A.Vijay,ME Assistant
professor ,Department of Computer Science and Engineering for his constant encouragement to carry
out the main project report to great success.

I whis to express my thanks to all our staff members of department of Computer Science and
Engineering for their constant encouragement to make my Main project a great success.
 DECLARATION

I affirm that the project work entitled ATTRIBUTE BASED DATA SHARING IN

CLOUD COMPUTING being submitted in partial fulfillment for the award of B.E. COMPUTER

SCIENCE AND ENGINEERING is the original work carried out by us. It has not formed the part

of any other project work submitted for award of any degree or diploma, either in this or any other

University.

P.GOKUL RAJ 13RBECSE016

J.MUKESH KANNA 13RBECSE027
V.NAVEEN 13RBECSE031

I certify that the declaration made above by the candidate is true

---------------------------------

Signature of the Guide,

A.VIJAY. ME
ABSTRACT:

Cipher text-policy attribute-based encryption (CP-ABE) is a very promising

encryption technique for secure data sharing in the context of cloud computing. Data owner is
allowed to fully control the access policy associated with his data which to be shared.

However, CP-ABE is limited to a potential security risk that is known as key escrow
problem, whereby the secret keys of users have to be issued by a trusted key authority.
Besides, most of the existing CP-ABE schemes cannot support attribute with arbitrary state.

In this paper, we revisit attribute-based data sharing scheme in order to solve the key
escrow issue but also improve the expressiveness of attribute, so that the resulting scheme is
more friendly to cloud computing applications.

We propose an improved two-party key issuing protocol that can guarantee that
neither key authority nor cloud service provider can compromise the whole secret key of a
user individually.

Moreover, we introduce the concept of attribute with weight, being provided to

enhance the expression of attribute, which can not only extend the expression from binary to
arbitrary state, but also lighten the complexity of access policy.

Therefore, both storage cost and encryption complexity for a cipher text are relieved.
The performance analysis and the security proof show that the proposed scheme is able to
achieve efficient and secure data sharing in cloud computing.
CHAPTER NO TITLE
PAGE NO

1 INTRODUCTION
1

2 LITERATURE SURVEY

2.1 Security challenges and improvement

2.2 Resources and data coloring

2.3 New frontier of internet computing

3 SYSTEM DESCRIPTION
3.1 Feasibility study

3.1.1 Technical feasibility

3.1.2 Economical feasibility

3.1.3 Operational feasibility

3.2 Existing system

3.3 Proposed system

3.4 System specification

4 SYSTEM DESIGN

4.1 Design specification

4.2 Normalization

4.3 Process modeling

4.4 Software requirement analysis

4.5 Maintenance

4.6 System architecture

5 MODULE DESCRIPTION

5.1 Case study at data collection

5.2 Admin authentication

5.3 Group member

5.4 Hacker identification

 6 IMPLEMENTATION AND TESTING

6.1 Sample code

6.2 System testing

6.3 Acceptance testing

6.4 Test case

6.5 Structure of test case

7 RESULT AND SCREEN SHOT

7.1 Result

7.2 Screen shot

7.3 Conclusion

8 REFERENCES
 CHAPTER 1
INTRODUCTION

1
CLOUD COMPUTING:

In the old days of telecommunication, a cloud symbolized the Internet.

Today, that symbol has evolved to focus on shared resources software and
information provided to computers and other devices on demand. Cloud
computing offers many benefits, such as flexibility and instant access to the
latest data and applications. But there are also risks, such as the dependency
on high-availability, high-performance network connections, and not least
security and privacy.

What Cloud?

The “cloud” in cloud computing originated in network diagrams, where it

indicated the boundary of network interconnections. The cloud computing
paradigm is characterized

TRANSACTIONAL RESOURCE ACQUISITION: Upon request, users

receive immediate access to computational and storage resources according to
an agreement with a service provider (involving payment, if the provider is a
commercial entity). This contrasts with resource sharing schemes, such as grid
computing, in which users submit a computation job that goes into a queue
until the required resources become available.

NONFEDERATED RESOURCE PROVISIONING: Even if available

resources are physically distributed, they’re offered by a single provider.
They’re not the sum total of a federation of independent providers again, in
contrast to grid computing.

A METERED RESOURCE: The provider meters resource usage whether

computational, storage, or network and bills users, if it’s a commercial entity,
or manages fair use and sharing, if it’s a public operation.

2
 Transactional resource acquisition gives users an intuitive interface to a
one-stop service shop. Non federated provisioning frees providers from
negotiations and service amalgamation with different resource providers.

These characteristics are requirements for all cloud infrastructures.

However, as is often the case with requirements, there’s more than one way to
meet them.

For example, if we’re interested in who operates the cloud infrastructure,

the options are

PRIVATE CLOUDS: An organization installs its own farm of computers

and disks and uses cloud technologies to provision resources. In effect, the
organization centralizes all IT cloud operations at a single point.

PUBLIC CLOUDS: A special cloud-infrastructure provider offers

computing services to public users.

HYBRID CLOUDS: An organization operating private clouds might

offload part of its workload to a public cloud for example, when the workload
exceeds private capacities. This is called cloud bursting, and the combined
infrastructure is a hybrid cloud.

If we’re interested in what kind of stuff we can deploy on a cloud

infrastructure, cloud providers offer three service levels:

SOFTWARE AS a SERVICE (SAAS): Users access software applications,

typically paying per use. SaaS providers include Salesforce.com, Google Apps,
Microsoft Cloud Services, and Rackspace.

PLATFORM AS a SERVICE (PAAS): Software developers access a

development platform on which to write and deploy their own applications. The
platform typically comprises APIs for one or more supported languages.

3
Example platforms include Google App Engine, Microsoft Azure, and
Force.com.

INFRASTRUCTURE AS a SERVICE (IAAS): Software developers can

access bare infrastructure for computing, storage, and networking. They carve
out a small data center from the provider’s resources, using it as their own and
deploy applications in it. The resources are usually, but not necessarily,
virtualized. Amazon EC2 Right Scale is an example service; private clouds built
with virtual machine (VM) management software are another.

OUR PAPER:

Cloud computing has been envisioned as the next generation

architecture of the IT enterprise due to its long list of unprecedented
advantages in IT:

 On demand self-service

 Ubiquitous network access

 Location-independent resource pooling

 Rapid resource elasticity

 Usage-based pricing and

 Transference of risk.

One fundamental aspect of this new computing model is that data is

being centralized or outsourced into the cloud. From the data owners’
perspective, including both individuals and IT enterprises, storing data
remotely in a cloud in a flexible on-demand manner brings appealing benefits:
relief of the burden of storage management, universal data access with
independent geographical locations, and avoidance of capital expenditure on
hardware, software, personnel maintenance, and so on.
4
 While cloud computing makes these advantages more appealing
than ever, it also brings new and challenging security threats to the outsourced
data. Since cloud service providers (CSP) are separate administrative entities,
data outsourcing actually relinquishes the owner’s ultimate control over the
fate of their data.

As a result, the correctness of the data in the cloud is put at risk due to
the following reasons:

First of all, although the infrastructures under the cloud are much more
powerful and reliable than personal computing devices, they still face a broad
range of both internal and external threats to data integrity. Outages and
security breaches of noteworthy cloud services appear from time to time.
Amazon S3’s recent downtime, Gmail’s mass email deletion incident, and Apple
MobileMe’s post-launch downtime are all such examples.

Second, for benefits of their own, there are various motivations for CSPs
to behave unfaithfully toward cloud customers regarding the status of their
outsourced data. Examples include CSPs, for monetary reasons, reclaiming
storage by discarding data that has not been or is rarely accessed or even
hiding data loss incidents to maintain a reputation. In short, although
outsourcing data into the cloud is economically attractive for the cost and
complexity of long-term large-scale data storage, it does not offer any guarantee
on data integrity and availability. This problem, if not properly addressed, may
impede successful deployment of the cloud architecture.

As data owners no longer physically possess the storage of their data,

traditional cryptographic primitives for the purpose of data security protection
cannot be directly adopted. In particular, simply downloading the data for its
integrity verification is not a practical solution due to the high cost of

5
input/output (I/O) and transmission across the network. Besides, it is often
insufficient to detect data corruption only when accessing the data, as it does
not give correctness assurance for un accessed data and might be too late to
recover the data loss or damage. Considering the large size of the outsourced
data and the owner’s constrained resource capability, the tasks of auditing the
data correctness in a cloud environment can be formidable and expensive for
data owners. Moreover, from the system usability point of view, data owners
should be able to just use cloud storage as if it is local, without worrying about
the need to verify its integrity. Hence, to fully ensure data security and save
data owners’ computation resources, we propose to enable publicly auditable
cloud storage services, where data owners can resort to an external third party
auditor (TPA) to verify the outsourced data when needed.

Third party auditing provides a transparent yet cost-effective method for

establishing trust between data owner and cloud server. In fact, based on the
audit result from a TPA, the released audit report would not only help owners
to evaluate the risk of their subscribed cloud data services, but also be
beneficial for the cloud service provider to improve their cloud based service
platform.

In a word, enabling public risk auditing protocols will play an important

role for this nascent cloud economy to become fully established, where data
owners will need ways to assess risk and gain trust in the cloud.

6
 CHAPTER 2
LITERATURE SURVEY

7
2.1 Cloudy with a Chance of Security Challenges and Improvements

ABSTRACT:

Cloud computing is the latest wave in systems architectures. The cloud realizes computing
as a utility that is, customers submit their computing tasks to the cloud, which provides the
resources necessary to execute those tasks.

According to the US National Institute of Standards and Technology (NIST),“cloud

computing is a model for enabling convenient, on-demand network access to a shared pool
of configurable computing resources.” Rather than purchasing and maintaining an abundance
of hardware resources themselves, customers can “plug in” to the cloud, paying for only
those resources they use. This is particularly attractive to those customers whose resource
utilization might vary dramatically, or whose hardware and maintenance costs form a significant
fraction of their overall budget.

2.2 Trusted Cloud Computing With Secure Resources and Data Coloring

ABSTRACT:

Trust and security have prevented businesses from fully accepting cloud platforms. To
protect clouds, providers must first secure virtualized datacenter resources, uphold user privacy,
and preserve data integrity. The authors suggest using a trust-overlay network over multiple data
centers to implement a reputation system for establishing trust between service providers and
data owners. Data coloring and software watermarking techniques protect shared data objects
and massively distributed software modules. These techniques safeguard multi way
authentications, enable single sign-on in the cloud, and tighten access control for sensitive data in
both public and private clouds.

8
2.3 Cloud Computing the New Frontier of Internet Computing

ABSTRACT:
Cloud computing is a new field in Internet computing that provides novel perspectives in
internetworking technologies and raises issues in the architecture, design, and implementation of
existing networks and data centers.

The relevant research has just recently gained momentum, and the space of potential
ideas and solutions is still far from being widely explored.

After IEEE Internet Computing’s recent editorial board meeting in March 2010, editor in
chief Fred Douglis invited me to be department editor for this new cloud computing department.
This is a topic that’s gaining considerable research interest and momentum, and it’s
expected to be the next generation of Internet computing. Through this department, I hope to use
this momentum to gather articles from diverse sources, ranging from researchers in academia to
industry leaders who implement innovative cloud services.
Don’t Trust. And Verify a Security Architecture Stack for the Cloud

ABSTRACT:
This security article is for security architects whose companies are moving critical
systems to the cloud. Whenever technology architecture changes, it’s worth revisiting the
assumptions that went into architecture and design.
This is particularly relevant for security and cloud computing; although many
organizations rate security as a critical issue in moving to the cloud, few know what to do about
it.
Here I show some of the main trends that are driving new security technologies to cope
with the security challenges that the cloud brings to the enterprise. In particular, I look at four
promising technology “patterns” that form a stack of security architecture services for cloud
computing.
9
 CHAPTER 3
SYSTEM DESCRIPTION

10
3.1 Feasibility Study
Feasibility is the determination of whether a project is worth doing. The process followed
in making this determination is called feasibility study. The feasibility of the project is analyzed
in this phase and business proposal is out forth with a very general plan for the project and some
cost estimates. During system analysis the feasibility study of the proposed system is to be
carried out.

Five keys considerations involved in the feasibility analysis are

 Technical feasibility
 Economical feasibility
 Operational feasibility

3.1.1 Technical Feasibility

This study is carried out to check the technical feasibility that is the technical requirements
of the system. Any system developed must not have a high demand on the available technical
resources. This will leads to high demand on the resources that are placed on the client. The
developed system must have a modest requirement, as only minimal or null chances are required
for implementing this system. The main advantage of the project is to fine the multimedia files
quickly.

3.1.2 Economical Feasibility

This involves the feasibility of the project to generate economic benefits. A benefit cost
analysis and a breakeven analysis are important aspects of evaluating the economic feasibility of
new industrial projects. It should demonstrate the net benefit of the proposed application in light
of the benefits and costs to the agency, other state agencies and the general public as a whole.
The benefits and savings expected from the developed system out weigh the estimated cost. The
developed system is economically feasible. This project is done with the available hardware and
therefore it is economically feasible.

11
3.1.3 Operational Feasibility

Operational feasibility addresses the influences that a proposed project may have on the
social system in the project environment. The ambient social structure may be such that certain
categories of workers may be in short supply or nonexistent. The effect of the project on the
social status of the project participants must be assessed to ensure compatibility. It is common
Knowledge the computer installations have something to do understandable that the introduction
of a candidate system requires special effort to educate, sell and train the Staff on new ways of
considering business.

 Manual system is easy

 Training required
 Ensures security and confidentially
 No packet loss
 Information will be more accurate than performed manually
3.2 EXISTING SYSTEM
 A data owner (DO) is usually willing to store large amounts of data in cloud for saving
the cost on local data management.

 Without any data protection mechanism, cloud service provider (CSP), however, can
fully gain access to all data of the user.

 This brings a potential security risk to the user, since CSP may compromise the data for
commercial benefits.

 Accordingly, how to securely and efficiently share user data is one of the toughest
challenges in the scenario of cloud computing.

 Firstly, all user’s secret keys need to be issued by a fully trusted key authority (KA). This
brings a security risk that is known as key escrow problem. By knowing the secret key of
a system user, the KA can decrypt all the user’s cipher texts, which stands in total against
to the will of the user.

12
  Secondly, the expressiveness of attribute set is another concern. As far as
we know, most of the existing CP-ABE schemes can only describe binary state over
attributes, for example, “1 - satisfying” and “0 - not-satisfying”, but not dealing with
arbitrary-state attribute.

Disadvantages:

1. User’s secret keys need to be issued by a fully trusted key authority (KA). This brings a
security risk that is known as key escrow problem.
2. The secret key of a system user, the KA can decrypt all the user’s cipher texts, which
stands in total against to the will of the user.

3.3 PROPOSED SYSTEM

 We propose an attribute-based data sharing scheme for cloud computing applications,

which is denoted as cipher text-policy weighted ABE scheme with removing escrow (CP-
WABE-RE).

 We propose an improved key issuing protocol to resolve the key escrow problem of CP-
ABE in cloud computing.

 The protocol can prevent KA and CSP from knowing each other’s master secret key so
that none of them can create the whole secret keys of users individually

 Thus, the fully trusted KA can be semi-trusted. Data confidentiality and privacy can be
ensured. We present weighted attribute to improve the expression of attribute.

 The weighted attribute can not only express arbitrary-state attribute (instead of the
traditional binary state), but also reduce the complexity of access policy.

 Thus the storage cost of cipher text and computation complexity in encryption can be
reduced. Besides, it can express larger attribute space than ever under the same condition.

 We conduct and implement comprehensive experiment for the proposed scheme. The
simulation shows that CP-WABE-RE scheme is efficient both in terms of computation

13
 complexity and storage cost. In addition, the security of CP-WABE-RE scheme is also
proved under the generic group model.

Advantages:

1. Proposed an arbitrary-state ABE to solve the issue of the dynamic membership

management.
2. The attributes are divided into multiple levels to achieve fine-grained access control for
hierarchical attributes, but the attributes can only express binary state.

14
3.4 SYSTEM SPECIFICATION

Hardware Requirements

Processor : Pentium III and Above

RAM : 256MB and Above

HDD : 20GB and Above

Software Requirements

OS : Windows2000/NT/XP/Vista

Language : Jdk1.6

IDE : MyEclipse6.0

15
 CHAPTER 4
SYSTEM DESIGN

16
4.1 DESIGN SPECIFICATION:

Design of software involves conceiving planning out and specifying the

externally observable characteristics of the software product. We have data

design, architectural design and user interface design in the design process.

These are explained in the following section. The goals of design process it to

provide a blue print for implementation, testing, and maintenance activities.

DATA DESIGN:

The primary activity during data design is to select logical

representations of data objects identified during requirement analysis and

software analysis. A data dictionary explicitly on the elements of the data

structure. A data dictionary should be established and used to define both

data and program design.

DESIGN METHODOLOGY:

The two basic modern design strategies employed in software design are:

1. Top Down Design

2. Bottom Up Design

Top Down Design is basically a decomposition process, which focuses on

the flow of control. At later stages it concern itself with the code production.

The first step is to study the overall aspects of the tasks at hand and to break it

17
into a number of independent modules. The second step is to break each one of

these modules further into independent sub modules. The process is:

Repeated once to obtain modules, which are small enough to group

mentally and to code in a straightforward manner. One important feature is

that at each level the details of the design at the lower level are hidden. Only

the necessary data and control that must be called back and forth over the

interface are defined.

In a bottom-up design one first identifies and investigates parts of design

that are most difficult and necessary designed decision are made the reminder

of the design is tailored to fit around the design already chose for crucial part.

It vaguely represents a synthesis process explained in previous section.

One storage point of the top-down method is that it postpones details of

the decision until the last stage of the decision. It allows making small design

changes when the design is half way through. There is danger that the

specifications will be incompatible and this will not be discovered until late in

the design process. By contrast the bottom-up strategy first focuses on the

crucial part so that feasibility of the design is tested at early stage.

In mixing top-down and bottom-up design it often appears that we start

in the middle of the problem and work our way both up and down there. In a

complex problem, it is often difficult to decide how to modularize the various

procedures in such cases one might consider a list of system inputs and decide

18
what functions are necessary to process these inputs. This is called back to

front design. Similarly one can start with the required outputs and work

backwards evolving so called front-back design. We have applied both the top

down and bottom up approach in our design approach.

DATABASE DESIGN:

Databases are normally implemented by using a package called a Data

Base Management System (DBMS). Each particular DBMS has somewhat

unique characteristics, and so such, general techniques for the design of

database are limited. One of the most useful methods of analyzing the data

required by the system for the data dictionary has developed from research into

relational database, particularly the work of E.F.Codd. This method of

analyzing data is called “Normalization”. Unnormalized data are converted into

normalized data by three stages. Each stage has a procedure to follow.

4.2 NORMALIZATION:

The first stage is normalization is to reduce the data to its first normal

form, by removing repeating items showing them as separate records but

including in them the key fields of the original record.

The next stage of reduction to the second normal form is to check that

the record, which one is first normal form, all the items in each record are

entirely dependent on the key of the record. If a data item is not dependent on

the key of the record, but on the other data item, then it is removed with its
19
key to form another record. This is done until each record contains data items,

which are entirely dependent on the key of their record.

The final stage of the analysis, the reduction of third normal form

involves examining each record, which one is in second normal form to see

whether any items are mutually dependent. If there are any item there are

removed to a separate record leaving one of the items behind in the original

record and using that as the key in the newly created record.

BUSINESS MODELING:

The information flow among business function is modeled in a way that

answers the following questions: what information drives the business process?

What information is generated? What generate it? Where does the information

go? Who process it?

DATA MODELING:

The information flow defined as a process of the business modeling is

refined into a set of data objects that are needed to support the business. The

characteristics (called attributes) of each object are identified and relationships

between these objects are defined.

4.3 PROCESS MODELING:

The data objects defined in the data-modeling phase are transformed to

achieve the information flow necessary to implement a business function.

20
Processing description is created for addition, modifying, deleting, or retrieving

a data object.

THE LINEAR SEQUENTIAL MODEL:

The linear sequential model for software engineering sometimes called

the “classic model” or the “water fall model,” the linear sequential suggests a

systematic, sequential approach to software development that begins at eth

system level and process through analysis, design, coding, testing, and

maintenance.

The linear sequential model is the oldest and the most widely used

paradigm for software engineering. Modeled after the conventional engineering

cycle, the linear sequential model encompasses the following activities:

SYSTEM/INFORMATION ENGINEERING AND MODELLING:

 Because software is always part of a larger system (or business), work

begins by establishing requirements for all system elements and then

allocating some subset of these requirements to software. This system view

is essential when software must interface with other elements such as

hardware, people, and databases.

 System engineering and analysis encompasses requirements gathering at

the system level with a small amount of top-level analysis and design.

Information engineering encompasses requirements gathering at the

21
 strategic business level and at the strategic business level and at the

business area level.

4.4 SOFTWARE REQUIREMENTS ANALYSIS:

 The requirements gathering process is intensified and focused specifically

on software. To understand the nature of the programs to be built, the

software Engineer must understand the information domain for the

software, as well as required function, behavior, performance, and inter

facing. Requirements for the both the system and the software are

documented and reviewed with the customer.

DESIGN:

 Software design is actually a multi step process that focuses on four distinct

attributes of a program: data structure, software architecture, interface

representations, and procedural detail. The design process translates

requirements into a representation of the software that can be assessed for

quality before code generation begins. Like requirements the design is

documented and becomes part of the software configuration.

CODE GENERATION:

 The design must be translated into a machine-readable form. The code

generation step performs this task. If design is performed in a detailed
manner, code generation can be accomplished mechanistically.

22
 TESTING:

 Once code has been generated, program testing process focuses on the
logical internals of the software, assuring that all statements have been
tested, and on the functional externals that is, conducting tests to uncover
errors and ensure that defined input will produce actual results that agree
with required results.

4.5 MAINTENANCE:

 Software will undoubtedly undergo change after it is delivered to the

customer. Change will occur because errors have been encountered,

because the software must be adapted to accommodate changes in its

external environment (e.g., a change required because of a new operating

system or peripheral devices), or because the customer requires functional

or performance enhancement. Software maintenance reapplies each of the

preceding phases to an existing program rather than a new one.

23
4.6 SYSTEMARCHITECTURE:

24
 CHAPTER 5
MODULE DESCRIPTION

25
MODULE

 Case Study and Data Collection

 Admin Authentication
 Group Member
 Hacker identification

MODULE DESCRIPTION

5.1 Case Study and Data Collection:

We consider a case study of a web-based collaboration application for evaluating

performance. The application allows users to store, manage, and share documents and drawings
related to large construction projects. The service composition required. To meet these
requirements, our objective is to find the best Cloud service composition

1. Group Leader

The group leader opens up a sharing area in the cloud to form a group
application. Then, he/she grants the group members the right to implement data
management. All the data in this group are available to all the group members, while they
remain private towards the outsiders of the group including the cloud provider. The group
leader can authorize some specific group members to help with the management of the
group, and this privilege can also be revoked by the group leader. When a member leaves
the group, he/she will lose the ability to download and read the shared data again.

26
  File Upload
The group leader can upload the file for the group members. And the files are
ready to share.
 Accept Request
The group leader also accepts the new member request.

5.2 Admin Authentication:

The group leader can authorize some specific group members to help the
management of the group and this privilege can also be evoked by the group leader. And
the Admin can accept the new user request.

5.3 Group Member

Each group member can implement file download operations in the authenticated
group. Each GM can get some related public information from Cloud Servers and
compute the specific set of security parameters, such as group key pair.
Share Data
The group members can access their shared data if they provide proper
authenticated keys.

Download File
The group members also download the group leader file.

5.4 Hacker identification

Unauthorized persons from outside or inside group try to access the shared file
means they will be caught with their id to group leader.

27
 CHAPTER 6
IMPLEMENTATION AND TESTING

28
6.1 SAMPLE CODE:

ADMISSION CONTROL GUI:

package Design;

import java.awt.event.ActionEvent;

import java.awt.event.ActionListener;

import java.awt.event.ComponentEvent;

import java.awt.event.ComponentListener;

import java.awt.event.MouseEvent;

import java.awt.event.MouseListener;

import java.io.BufferedReader;

import java.io.FileInputStream;

import java.io.FileNotFoundException;

import java.io.FileOutputStream;

import java.io.FileReader;

import java.io.FileWriter;

import java.io.IOException;

import java.io.InputStream;

import java.io.InputStreamReader;

import java.io.ObjectOutputStream;

import java.math.BigInteger;

import java.net.Socket;

import java.net.UnknownHostException;
29
import java.util.Date;

import java.util.HashMap;

import java.util.Random;

import java.util.StringTokenizer;

import java.util.TreeSet;

import java.util.Vector;

import javax.swing.DefaultListModel;

import javax.swing.JButton;

import javax.swing.JDialog;

import javax.swing.JFileChooser;

import javax.swing.JFrame;

import javax.swing.JLabel;

import javax.swing.JList;

import javax.swing.JOptionPane;

import javax.swing.JPanel;

import javax.swing.JScrollBar;

import javax.swing.JScrollPane;

import javax.swing.JTable;

import javax.swing.JTextArea;

import javax.swing.UIManager;

import javax.swing.UnsupportedLookAndFeelException;

import javax.swing.event.ListSelectionEvent;

import javax.swing.event.ListSelectionListener;

import javax.swing.table.DefaultTableModel;

30
import javax.swing.table.TableColumn;

import org.jvnet.substance.SubstanceLookAndFeel;

import java.io.File;

import Logic.AdmissionControl;

public class AdmissionControlUI extends JFrame implements ActionListener, MouseListener{

public JLabel jlhead;

public JList jtaList;

public JLabel jlName;

public JTextArea jtaListsch;

public JLabel jlNamesch;

public JButton jbLoad;

public JButton jbSchedule;

public JButton jbList;

public JButton jbTransfor;

public DefaultListModel dlm;

public JScrollBar jsNode, jsschNode;

public JScrollPane jsBulkData, jsStatus,jsp1,jsp2;

public JTextArea jtBulkData;

public JTable jtStatus;

public DefaultTableModel dm, dms;

public AdmissionControl ac;

public String strTime = ".";

public Vector v;

public int vi = 0;

public String str,node;

31
public String strpath;

public TreeSet<String> treestr;

public AdmissionControlUI() {

setTitle("Attribute-Based Data Sharing Scheme Revisited in Cloud Computing");

setLayout(null);

setSize(600, 500);

setLocation(10, 10);

jlhead = new JLabel("Attribute-Based Data Sharing Scheme Revisited in Cloud Computing");

jlhead.setBounds(200, 10, 400, 20);

jlName = new JLabel("Number of user");

jlName.setBounds(20, 330, 100, 20);

dlm=new DefaultListModel();

jtaList = new JList(dlm);

jtaList.addMouseListener(this);

jsp1=new JScrollPane(jtaList);

jsp1.setBounds(20, 350, 200, 100);

jlNamesch = new JLabel("Number of cheaters");

jlNamesch.setBounds(350, 330, 140, 20);

jbSchedule = new JButton("Schedule");

jbSchedule.setBounds(240, 380, 100, 20);

jbSchedule.addActionListener(this);

jtaListsch = new JTextArea();

jsp2=new JScrollPane(jtaListsch);

jsp2.setBounds(350, 350, 200, 100);

jtBulkData = new JTextArea();

32
jsBulkData = new JScrollPane(jtBulkData);

jsBulkData.setBounds(10, 50, 550, 125);

// jtstatus

jtStatus = new JTable();

dms = new DefaultTableModel();

jtStatus.setModel(dms);

dms.addColumn("Share-File");

dms.addColumn("User-id");

dms.addColumn("Secret Sharing");

dms.addColumn("Arrived Time");

dms.addColumn("Start Time");

dms.addColumn("EndTime");

jsStatus = new JScrollPane(jtStatus);

jsStatus.setBounds(10, 200, 550, 125);

jbLoad = new JButton("BrowseFile");

jbLoad.setBounds(200, 177, 150, 20);

jbLoad.addActionListener(this);

jbList = new JButton("Add-User");

jbList.setBounds(240, 350, 100, 20);

jbList.addActionListener(this);

jbTransfor = new JButton("Share-Data");

jbTransfor.setBounds(240, 420, 100, 20);

jbTransfor.addActionListener(this);

add(jbLoad);

add(jlhead);

33
add(jbTransfor);

add(jbList);

add(jlName);

add(jsp1);

add(jlNamesch);

add(jsp2);

add(jsBulkData);

//add(jbSchedule);

add(jsStatus);

setVisible(true);

//

ac = new AdmissionControl();

ac.displayText(this);

//

public static void main(String arg[]) {

//

JFrame.setDefaultLookAndFeelDecorated(true);

SubstanceLookAndFeel.setCurrentTheme("org.jvnet.substance.theme.SubstanceAquaTheme");

SubstanceLookAndFeel.setCurrentButtonShaper("org.jvnet.substance.button.ClassicButtonShaper");

SubstanceLookAndFeel.setCurrentGradientPainter("SpecularGradientPainter");

try {

UIManager.setLookAndFeel(new SubstanceLookAndFeel())

34
} catch (UnsupportedLookAndFeelException e) {

e.printStackTrace();

//

new AdmissionControlUI();

public void actionPerformed(ActionEvent eve) {

if (eve.getSource() == jbSchedule) {

jtaListsch.append("strTime");

if (eve.getSource() == jbLoad) {

//

JFileChooser fc=new JFileChooser();

fc.showOpenDialog(this);

File f=new File(fc.getSelectedFile().toString());

strpath=f.getAbsolutePath();

System.out.println(strpath);

try {

FileInputStream fis=new FileInputStream(f);

BufferedReader br=new BufferedReader(new InputStreamReader (fis));

FileOutputStream fos = new FileOutputStream("E:\\sharedata\\"+

"test"+".txt", true);

try {

35
 while((str=br.readLine())!=null){

jtBulkData.append(str+"\n");

fos.write(str.getBytes());

} catch (IOException e) {

// TODO Auto-generated catch block

e.printStackTrace();

} catch (FileNotFoundException e) {

// TODO Auto-generated catch block

e.printStackTrace();

JOptionPane.showMessageDialog(null, "Share Data Opened");

if (eve.getSource() == jbList) {

//very impt line //TreeSet<String> ts = ac.tsArrTime;

TreeSet<String> ts=treestr;

java.util.Iterator<String> it = ts.iterator();

while (it.hasNext()) {

36
 / StringTokenizer st = new
StringTokenizer(it.next(),"--");

String time=st.nextToken();

System.out.println("time"+time);

node =st.nextToken()+"--"+st.nextToken();

System.out.println("Node"+node);

Random rm1=new Random();

Random rm2=new Random();

String str1=""+rm1.nextInt(100000000);

String str2=""+rm1.nextInt(200000000);

str1.substring(2, str1.length());

str2.substring(2, str2.length());

//str1.

dms.addRow(new Object[] {strpath,node,str1+"-"+str2,time,"",""})

if (eve.getSource() == jbTransfor) {

JOptionPane.showMessageDialog(null, "will assign each node start time & end

time");

Date date=new Date();

for(int i=0;i<dms.getRowCount();i++){
System.out.println("enterlist");

sTime.add(date.getTime());

dms.setValueAt(date.getMinutes()+":"+date.getSeconds(), i, 4);

37
 date.setSeconds(date.getSeconds()+5);

eTime.add(date.getTime());

dms.setValueAt(date.getMinutes()+":"+date.getSeconds(), i, 5);

new Assign().start();

Vector<Long> sTime=new Vector<Long>();

Vector<Long> eTime=new Vector<Long>();

Vector<Vector<String>> totData=new Vector<Vector<String>>();

class Assign extends Thread{

public void run() {

// TODO Auto-generated method stub

int rcnt=dms.getRowCount();

int i=0;

while (true) {

Date date=new Date();

long cTime=date.getTime();

if (i<rcnt) {

if (cTime > sTime.get(i) && cTime < eTime.get(i)) {

String val = dms.getValueAt(i, 1).toString();

System.out.println("val:" + val);

String sstr=val.substring(val.lastIndexOf("--"));

38
 sstr=sstr.substring(2, sstr.length());

String sys="localhost"
System.out.println("portNumber"+sstr); int
port=Integer.parseInt(sstr.trim());

try {

Socket s=new Socket(sys,port);

ObjectOutputStream oos=new
ObjectOutputStream(s.getOutputStream());

oos.writeObject("Data");

Object ob=jtStatus.getModel().getValueAt(i, 2);

System.out.println("objectvalue Enter"+ob+"-
"+strpath);

oos.writeObject(ob+"-"+strpath);

} catch (UnknownHostException e) {

// TODO Auto-generated catch block

e.printStackTrace();

} catch (IOException e) {

// TODO Auto-generated catch block

e.printStackTrace();

i++;

39
 }

}else

break;

try {

Thread.sleep(1000);

} catch (InterruptedException e) {

// TODO Auto-generated catch block

e.printStackTrace();

//

//

public void mouseClicked(MouseEvent me) {

if(me.getSource()==jtaList){

System.out.println(jtaList.getSelectedValue());

String str=jtaList.getSelectedValue()+"";

treestr=new TreeSet<String>();

treestr.add(str);

}}

public void mouseEntered(MouseEvent e) {

// TODO Auto-generated method stub }

public void mouseExited(MouseEvent e) {

40
 // TODO Auto-generated method stub

} public void mousePressed(MouseEvent e) {

// TODO Auto-generated method stub

public void mouseReleased(MouseEvent e) {

// TODO Auto-generated method stub

}}

CLIENT GUI:

package Design;

import java.awt.event.ActionEvent;

import java.awt.event.ActionListener;

import java.awt.event.MouseEvent;

import java.awt.event.MouseListener;

import java.io.BufferedReader;

import java.io.FileInputStream;

import java.io.FileNotFoundException;

import java.io.FileOutputStream;

import java.io.IOException;

import java.io.InputStreamReader;

import java.io.ObjectOutputStream;

import java.net.InetAddress;

import java.net.Socket;

import java.net.UnknownHostException;

import java.util.Properties;

import java.util.Random;

41
import javax.swing.JButton;

import javax.swing.JFrame;

import javax.swing.JLabel;

import javax.swing.JOptionPane;

import javax.swing.JScrollPane;

import javax.swing.JTable;

import javax.swing.JTextArea;

import javax.swing.JTextField;

import javax.swing.UIManager;

import javax.swing.UnsupportedLookAndFeelException;

import javax.swing.table.DefaultTableModel;

import javax.swing.text.JTextComponent;

import org.jvnet.substance.SubstanceLookAndFeel;

import Logic.Client;

public class ClientUI extends JFrame implements ActionListener, MouseListener {

/**

*/

private static final long serialVersionUID = 1L;

public JLabel jlhead,jlSecretShareOne,jlSecretShareTwo;

public static JTextField jtSecretShareOne,jtSecretShareTwo;

public JButton jbReq;

public JButton jbShare;

public JTextArea jtRecive;

public static DefaultTableModel dmr;

42
public JScrollPane jsRec;

public int sysid;

public String sysName;

public Properties properties;

public FileOutputStream fos;

public static String strcmpone,strcmptwo;

public static String strfile;

public ClientUI() throws IOException {

Random rm = new Random();

sysid = rm.nextInt(1000);

Properties properties = new Properties();

String sysname = "port"+sysid;

String str=""+sysid;

System.out.println(str);

properties.setProperty(sysname, str);

FileOutputStream fos = new FileOutputStream("Ports.properties",true);

properties.store(fos,sysname);

fos.close();

setTitle("User-:"+sysid);

setSize(400, 400);

setLayout(null);

setLocation(500, 10);

jlhead = new JLabel("Node" + sysid);

jlhead.setBounds(20, 25, 200, 20);

jlSecretShareOne=new JLabel("SecretShareOne");

43
 jlSecretShareOne.setBounds(50, 50, 150, 20);

jlSecretShareTwo=new JLabel("SecretShareTwo");

jlSecretShareTwo.setBounds(50, 75, 150, 20);

jtSecretShareOne=new JTextField();

jtSecretShareOne.setBounds(150, 50, 150, 20);

jtSecretShareTwo=new JTextField();

jtSecretShareTwo.setBounds(150, 75, 150, 20);

jtRecive = new JTextArea();

//jtRecive.addMouseListener(this);

//dmr = new DefaultTableModel();

//jtRecive.setModel(dmr);

//dmr.addColumn("FilePath");

jsRec = new JScrollPane(jtRecive);

jsRec.setBounds(10, 130, 370, 180);

jbReq = new JButton("Request");

jbReq.setBounds(150, 330, 100, 20);

jbReq.addActionListener(this);

jbShare=new JButton("ShareData");

jbShare.setBounds(120, 100, 150, 20);

jbShare.addActionListener(this);

add(jlhead);

add(jbReq);

add(jsRec);

add(jlSecretShareOne);

add(jlSecretShareTwo);

44
 add(jtSecretShareOne);

add(jtSecretShareTwo);

add(jbShare);

setVisible(true); }

public static void main(String arg[]) throws IOException {

//

JFrame.setDefaultLookAndFeelDecorated(true);

SubstanceLookAndFeel.setCurrentTheme("org.jvnet.substance.theme.SubstanceTheme.AQUA")
; SubstanceLookAndFeel.setCurrentButtonShaper("org.jvnet.substance.button.ButtonShaperInfo");
SubstanceLookAndFeel.setCurrentGradientPainter("SpecularGradientPainter");

try { UIManager.setLookAndFeel(new SubstanceLookAndFeel());

} catch (UnsupportedLookAndFeelException e)

e.printStackTrace();

} //

new ClientUI();

public void actionPerformed(ActionEvent eve) {

if(eve.getSource()==jbReq){

System.out.println("enter");

new Client().sendClient(sysid);

if(eve.getSource()==jbShare){

String strone=jtSecretShareOne.getText();

String strtwo=jtSecretShareTwo.getText();

if(strone.length()!=0&&strtwo.length()!=0){

System.out.println("one"+jtSecretShareOne.getText());
45
 System.out.println("two"+jtSecretShareTwo.getText());

if(strone.equals(strcmpone)&& strtwo.equals(strtwo))
JOptionPane.showMessageDialog(null, "Data Opened"); //

String strData;

try {

FileInputStream fis=new FileInputStream(strfile);

BufferedReader br=new BufferedReader(new

InputStreamReader (fis)); try {
while((strData=br.readLine())!=null){

jtRecive.append(strData+"\n"); }

} catch (IOException e) {

// TODO Auto-generated catch block

e.printStackTrace()

} catch (FileNotFoundException e) {

// TODO Auto-generated catch block

e.printStackTrace();

//

else{

46
 JOptionPane.showMessageDialog(null, "Wrong Password");

//

Socket s;

try {

s = new Socket(sysName, 8090);

ObjectOutputStream ois = new

ObjectOutputStream(s.getOutputStream());

ois.writeObject("--
"+InetAddress.getLocalHost().getHostName()+"--"+sysid);

} catch (UnknownHostException e) {

// TODO Auto-generated catch block

e.printStackTrace();

} catch (IOException e) {

// TODO Auto-generated catch block

e.printStackTrace();

//

else{

JOptionPane.showMessageDialog(null, "Sharevalue is null");

47
 }

}}

public void mouseClicked(MouseEvent me) {

if(me.getSource()==jtRecive){

}}

public void mouseEntered(MouseEvent arg0) {

// TODO Auto-generated method stub }

public void mouseExited(MouseEvent arg0) {

// TODO Auto-generated method stub }

public void mousePressed(MouseEvent arg0) {

// TODO Auto-generated method stub }

public void mouseReleased(MouseEvent arg0) {

// TODO Auto-generated method stub

FILE OPEN:

package Design;

import java.awt.event.ActionEvent;

import java.awt.event.ActionListener;

import java.io.BufferedReader;

import java.io.File;

import java.io.FileInputStream;

import java.io.FileNotFoundException;

48
import java.io.FileOutputStream;

import java.io.IOException;

import java.io.InputStreamReader;

import javax.swing.JButton;

import javax.swing.JFrame;

import javax.swing.JLabel;

import javax.swing.JOptionPane;

import javax.swing.JScrollPane;

import javax.swing.JTextArea;

import javax.swing.JTextField;

public class FileOpen extends JFrame implements ActionListener{

public String strpath;

public JLabel jlsh1,jlsh2;

public JTextField jtsh1,jtsh2;

public JTextArea jta;

public JButton jbFile;

public JScrollPane jsp;

public FileOpen(String str){

this.strpath=str;

setTitle("FileReader");

setLayout(null);

setSize(700, 500);

setLocation(100, 100);

jlsh1=new JLabel("ShareOne");

jlsh1.setBounds(150, 20, 100, 20);

49
 jlsh2=new JLabel("ShareTwo");

jlsh2.setBounds(150, 60, 100, 20);

jtsh1=new JTextField();

jtsh1.setBounds(250, 20, 200, 20);

jtsh2=new JTextField();

jtsh2.setBounds(250, 60, 200, 20);

jbFile=new JButton("OPenFile");

jbFile.addActionListener(this);

jbFile.setBounds(300, 100, 100, 20);

jta=new JTextArea();

jsp=new JScrollPane(jta);

jsp.setBounds(10, 140, 670, 320);

add(jlsh1);

add(jlsh2);

add(jtsh1);

add(jtsh2);

add(jbFile);

add(jsp);

setVisible(true);

public void actionPerformed(ActionEvent arg0) {

String str;

File f=new File("E:\\shareData\\test.txt");

try { FileInputStream fis=new FileInputStream(f);

BufferedReader br=new BufferedReader(new InputStreamReader (fis));

50
 //FileOutputStream fos = new FileOutputStream("E:\\sharedata\\"+
"test"+".txt", true);

try {

while((str=br.readLine())!=null){

jta.append(str+"\n");

//fos.write(str.getBytes()); }

} catch (IOException e) {

// TODO Auto-generated catch block

e.printStackTrace(); }

} catch (FileNotFoundException e) {

// TODO Auto-generated catch block

e.printStackTrace();

}}}

51
6.2System Testing

Software testing is a critical element if software quality assurance represents the ultimate
reviews of specification, design and coding. Testing is vital of the system.

Errors can be injected at any stage during development. During testing, the program is
executed with correctness. A series of testing are performed for the proposed systems before the
system is delivered to the user.

Unit Testing

In the unit testing the testing is performed on each module and this module is
known as module testing. This testing was carried out during programming state itself. In this
testing all the modules working satisfactorily as regard to the expected output from the module
Unit testing is a method by which individual units of source code are tested to determine if they
are fit for use. A unit is the smallest testable part of an application. In procedural programming a
unit may be an individual function or procedure. Unit tests are created by programmers or
occasionally by white box testers.

Unit test cases embody characteristics that are critical to the success of the unit.
These characteristics can indicate appropriate/inappropriate use of a unit as well as negative
behaviors that are to be trapped by the unit. A unit test case, in and of itself, documents these
critical characteristics, although many software development environments do not rely solely
upon code to document the product in development. Unit testing provides a sort of living
documentation of the system. Developers looking to learn what functionality is provided by a
unit and how to use it can look at the unit tests to gain a basic understanding of the unit API.

6.3 Acceptance Testing

Acceptance testing is black-box testing performed on a system (e.g. software, lots

of manufactured mechanical parts, or batches of chemical products) prior to its delivery. It is also
known as functional testing, black-box testing, release acceptance, QA testing, application
testing, confidence testing, final testing, validation testing, or factory acceptance testing.
52
 Acceptance testing generally involves running a suite of tests on the completed
system. Each individual test, known as a case, exercises a particular operating condition of the
user's environment or feature of the system, and will result in a pass or fail, or Boolean, outcome.
There is generally no degree of success or failure. The test environment is usually designed to be
identical, or as close as possible, to the anticipated user's environment, including extremes of
such. These test cases must each be accompanied by test case input data or a formal description
of the operational activities (or both) to be performed intended to thoroughly exercise the
specific case and a formal description of the expected results.

Types of Acceptance Testing

Typical types of acceptance testing include the following

User acceptance testing

This may include factory acceptance testing, i.e. the testing done by factory users before
the factory is moved to its own site, after which site acceptance testing may be performed by the
users at the site.
Operational acceptance testing
Also known as operational readiness testing, this refers to the checking done to a
system to ensure that processes and procedures are in place to allow the system to be used and
maintained.
Contract and regulation acceptance testing

In contract acceptance testing, a system is tested against acceptance criteria as

documented in a contract, before the system is accepted. In regulation acceptance testing, a
system is tested to ensure it meets governmental, legal and safety standards.

53
Alpha and beta testing

Alpha testing takes place at developers' sites, and involves testing of the
operational system by internal staff, before it is released to external customers. Beta testing takes
place at customers' sites, and involves testing by a group of customers who use the system at
their own locations and provide feedback, before the system is released to other customers. The
latter is often called “field testing”.

Integration Testing

One module can have adverse effect on another such functions when combined may not
produce the desired results. Integration testing is a systematic technique for constructing the
program structure and conducting test to uncover errors associated with interface. All the
modules are combined in this testing step. The entire program is tested as the whole. The errors
uncovered are corrected for the next testing step.

Black Box Testing

The black box approach is attesting method in which test data are delivered from the
functional requirement without regard to the final program structure. Because only functionality
of the software is concerned.

In black box testing, only the functionality is determined by observing the outputs to the
corresponding input. In this testing various input images are exercised and the output images are
compared as required by the content retriever.

White Box Testing

White box testing are the software predicates on close examination of procedure details.
It provides test cases that exercise specific test for conditions and loops. White box testing was
carried out in the order to guarantee that

 All independent parts within a module exercised at least once.

 All logical decision on this true and false side was exercised
54
Validation Testing

Computer input procedures are designed to detect errors in the data at the lower level of
detail which is beyond the capability of the control procedures. The validation succeeds when the
software functions in the manner that can be reasonably expected by the customer.

6.4 TEST CASE

In software engineering, the most common definition of a test case is a set of conditions
or variables under which a tester will determine if a requirement or use case upon an application
is partially or fully satisfied. It may take many test cases to determine that a requirement is fully
satisfied. In order to fully test that all the requirements of an application are met, there must be at
least one test case for each requirement unless a requirement has sub requirements. In that
situation, each sub requirement must have at least one test case. This is frequently done using a
Traceability matrix. Some methodologies, like RUP, recommend creating at least two test cases
for each requirement. One of them should perform positive testing of requirement and other
should perform negative testing. Written test cases should include a description of the
functionality to be tested, and the preparation required to ensure that the test can be conducted.

If the application is created without formal requirements, then test cases can be written
based on the accepted normal operation of programs of a similar class. In some schools or
testing, test cases are not written at all but the activities and results are reported after the tests
have been run.

What characterizes a formal, written test case is that there is a known input and an
expected output, which is worked out before the test is executed. The known input should test a
precondition and the expected output should test a post condition.

Under special circumstances, there could be a need to run the test, produce results, and
then a team of experts would evaluate if the results can be considered as a pass. This happens
often on new products' performance number determination. The first test is taken as the base line
for subsequent test / product release cycles.
55
 Written test cases are usually collected into Test suites.

Variations of test cases are most commonly used in acceptance testing. Acceptance
testing is done by a group of end-users or clients of the system to ensure the developed system
meets their requirements. User acceptance testing is usually differentiated by the inclusion of
happy path or positive test cases.

6.5 Structure of test case

Formal, written test cases consist of three main parts with subsections:

 Information contains general information about Test case.

o Identifier is unique identifier of test case for further references, for example, while
describing found defect.
o Test case owner/creator is name of tester or test designer, who created test or is
responsible for its development
o Version of current Test case definition
o Name of test case should be human-oriented title which allows to quickly
understand test case purpose and scope.
o Identifier of requirement which is covered by test case. Also here could be
identifier of use case or functional specification item.
o Purpose contains short description of test purpose, what functionality it checks.
o Dependencies
 Test case activity
o Testing environment/configuration contains information about configuration of
hardware or software which must be met while executing test case
o Initialization describes actions, which must be performed before test case
execution is started. For example, we should open some file.
o Finalization describes actions to be done after test case is performed. For example
if test case crashes database, tester should restore it before other test cases will be
performed.
o Actions step by step to be done to complete test.
56
 CHAPTER 7
RESULT AND SCREEN SHOT

57
7.1 Results

o Expected results contains description of what tester should see after all test steps
has been completed
o Actual results contains a brief description of what the tester saw after the test
steps has been completed. This is often replaced with a Pass/Fail. Quite often if a
test case fails, reference to the defect involved should be listed in this column.

58
7.2 SCREEN SHOTS:

Figure1.1:Data owner cloud design has been created.

Figure1.2: Copy the file

59
Figure1.3 : File selected to be shared

Figure1.4 : Opening the share data.

60
Figure1.5 : A data displayed in cloud computing.

Figure1.6 : The request has been given by the user .

61
Figure1.7 :The request are recived by cloud.

Figure1.8: Data owner selects the recived requests.

62
Figure1.9: Cloud assign each node start time &end time.

Figure1.10 : The cloud displaying each node start time and end time.
63
Figure1.11: The user receiving two different secret keys.

Figure1.12 : The message is given for opening the data.

64
1.13: The data is displayed in users system.

Figure1.14: The cheater entering the wrong password.

65
Figure1.15 : The worning message has been displayed to cheater.

Figure1.16: The number of cheaters system id is displayed in data owner system.

66
7.3 CONCLUSION:

In this paper we proposed a dynamic secure group sharing framework in

public cloud computing environment.
In our proposed scheme, the management privilege can be granted to some
specific group members based on proxy signature scheme, all the sharing files are
secured stored in Cloud Servers and all the session Key is protected in the digital.
We use Cloud Server scheme to dynamical updating group key pair when
there’re group members leaving or joining the group. Even though not all the
group members are online together, our scheme can still do well.
In order should be updated based on proxy re-encryption, which can
delegate most of computing overhead to Cloud Servers without disclosing any
security information.
From the security and performance analysis, the proposed scheme can
achieve the design goal, and keep a lower computational complexity and
communication overhead in each group members’ side.

67
FUTURE ENHANCEMENT:

Multi-Writer Model: As mentioned, cloud data storage not only provides dynamic and
scalable storage services, but also allows easy on-demand file sharing. A difficult problem is
support for services with legacy users, who may not only access but also modify the owner’s
data in the cloud. Under this multi-writer model, achieving the same data dynamics support for
public auditing services while maintaining file consistency is future challenge.

68
CHAPTER 8
REFERENCES

69
 REFERENCES

[1] J. Baek, Q. H. Vu, J. K. Liu, X. Huang, and Y. Xiang. A secure cloud

computing based framework for big data information management of

smart grid. IEEE Transactions on Cloud Computing, 3(2):233–244,

2015.

[2] A. Balu and K. Kuppusamy. An expressive and provably secure

ciphertext-policy attribute-based encryption. Information Sciences,

276(4):354–362, 2014.

[3] M. Belenkiy, J. Camenisch, M. Chase, M. Kohlweiss, A. Lysyanskaya,

and H. Shacham. Randomizable proofs and delegatable anonymous

credentials. Proceedings of the 29th Annual International Cryptology

Conference, pages 108–125, 2009.

[4] J. Bethencourt, A. Sahai, and B. Waters. Ciphertext-policy attributebased

encryption. IEEE Symposium on Security and Privacy, pages

321–334, 2007.

[5] D. Boneh, B. Lynn, and H. Shacham. Short signatures from the weil

pairing. Journal of Cryptology, 17(4):297–319, 2001.

[6] M. Chase. Multi-authority attribute based encryption. Proceedings of

70
the 4th Conference on Theory of Cryptography, pages 515–534, 2007.

[7] M. Chase and S. S. Chow. Improving privacy and security in multiauthority

attribute-based encryption. Proceedings of the 16th ACM

Conference on Computer and Communications Security, pages 121–130,

2009.

[8] L. Cheung and C. Newport. Provably secure ciphertext policy ABE.

Proceedings of the 14th ACM conference on Computer and communications

security, pages 456–465, 2007.

[9] S. S. Chow. Removing escrow from identity-based encryption. Proceedings

of the 12th International Conference on Practice and Theory

in Public Key Cryptography, pages 256–276, 2009.

[10] C. K. Chu, W. T. Zhu, J. Han, J. K. Liu, J. Xu, and J. Zhou. Security

concerns in popular cloud storage services. IEEE Pervasive Computing,

12(4):50–57, 2013.

[11] A. De Caro and V. Iovino. JPBC: java pairing based cryptography. IEEE

Symposium on Computers and Communications, 22(3):850–855, 2011.

[12] H. Deng, Q. Wu, B. Qin, J. Domingo-Ferrer, L. Zhang, J. Liu, and

W. Shi. Ciphertext-policy hierarchical attribute-based encryption with

short ciphertexts. Information Sciences, 275(11):370–384, 2014.

[13] C. Fan, S. Huang, and H. Rung. Arbitrary-state attribute-based encryption

with dynamic membership. IEEE Transactions on Computers,

63(8):1951–1961, 2014.

[14] V. Goyal, O. Pandey, A. Sahai, and B. Waters. Attribute-based encryption

for fine-grained access control of encrypted data. Proceedings of

71
the 13th ACM conference on Computer and communications security,

pages 89–98, 2006.

[15] J. Hur. Improving security and efficiency in attribute-based data sharing.

IEEE Transactions on Knowledge and Data Engineering, 25(10):2271–

2282, 2013.

[16] L. Ibraimi, M. Petkovic, S. Nikova, P. Hartel, and W. Jonker. Mediated

ciphertext-policy attribute-based encryption and its application. Proceedings

of the 10th International Workshop on Information Security

Applications, pages 309–323, 2009.

[17] T. Jiang, X. Chen, J. Li, D. S. Wong, J. Ma, and J. K. Liu. Towards

secure and reliable cloud storage against data re-outsourcing. Future

Generation Computer Systems, 52:86–94, 2015.

[18] S. Lai, J. K. Liu, K.-K. R. Choo, and K. Liang. Secret picture: An

efficient tool for mitigating deletion delay on OSN. Information and

Communications Security, pages 467–477, 2015.

[19] K. Liang, M. H. Au, J. K. Liu, W. Susilo, D. S. Wong, G. Yang, T. V. X.

Phuong, and Q. Xie. A DFA-based functional proxy re-encryption

scheme for secure public cloud data sharing. IEEE Transactions on

Information Forensics and Security, 9(10):1667–1680, 2014.

[20] K. Liang, M. H. Au, J. K. Liu, W. Susilo, D. S. Wong, G. Yang, Y. Yu,

and A. Yang. A secure and expressive ciphertext-policy attribute-based

proxy re-encryption for cloud data sharing. Future Generation Computer

Systems, 52(C):95–108, 2015.

[21] K. Liang, L. Fang, D. S. Wong, and W. Susilo. A ciphertext-policy

72
attribute-based proxy re-encryption scheme for data sharing in public

clouds. Concurrency and Computation: Practice and Experience,

27(8):2004–2027, 2015.

[22] K. Liang, J. K. Liu, R. Lu, and D. S. Wong. Privacy concerns for photo

sharing in online social networks. IEEE Internet Computing, 19(2):58–

63, 2015.

[23] K. Liang, J. K. Liu, D. S. Wong, and W. Susilo. An efficient cloudbased

revocable identity-based proxy re-encryption scheme for public

clouds data sharing. Proceedings of the 19th European Symposium on

Research in Computer Security, pages 257–272, 2014.

[24] K. Liang and W. Susilo. Searchable attribute-based mechanism with

efficient data sharing for secure cloud storage. IEEE Transactions on

Information Forensics and Security, 10(9):1981–1992, 2015.

[25] K. Liang, W. Susilo, and J. K. Liu. Privacy-preserving ciphertext multisharing

control for big data storage. IEEE Transactions on Information

Forensics and Security, 10(8):1578–1589, 2015.

73