Data access control is an helpful way to make sure that data security in the cloud. Unpaid to data outsource and untrusted cloud servers, it can access control becomes a exigent matter in cloud storage systems. Cipher text-Policy characteristic based Encryption is regard as one of the most fit technologies for data access control in cloud storage, because it can gives to the data owners more direct control on access policies. However, it is complicated to nonstop apply existing older Cipher text-Policy. Attribute based Encryption schemes to data access control for cloud storage systems because of the attribute revocation problem.
1.1 CLOUD COMPUTING
Now a day’s cloud computing is an intelligently developed technology to store data from number of client. Cloud computing makes allows users to slightly store their valuable data over cloud. Remote backup system is the progressive technique which minimizes the cost of implementing more memory in an organization. It helps government agencies and enterprises to reduce financial overhead of data management. They can extract their data backups remotely to third party cloud storage providers than maintaining their own data centres. An individual or an organization does not require purchasing the storage devices. Instead they can store their data to the cloud and archive data to avoid information loss in case of system failure like hardware or software failures. Cloud storage is more flexible, but security and privacy are available for the outsourced data becomes a serious concern. To realize protected data transaction in cloud, proper cryptography method is used. The data owner must do after encryption of the file, and stores to in the cloud. If a third person downloads the file, they can view the record if they had the key which is used to decrypt the encrypted file. To overcome the problem Cloud computing is one of the emerging technologies, It is important to protect the data and privacy of user. Attribute-based Encryption is one of the most suitable schemes for data access control in public clouds for it can ensures data owners direct control over data and provide a fine-grained access control service. Till now, there are many ABE schemes proposed, which can be divided into two different categories: Key Policy Attribute-based Encryption (KP-ABE) as well as Cipher text Policy Attribute-based Encryption (CPABE). In KP-ABE schemes, decrypt keys are combined with access structures and in cipher texts it is labelled with special attribute sets, for attribute management and key distribution an authority is responsible. The authority may be the human resource department in a company, the registration office in a university, etc. The data owner defines the access policies and encrypts the data according to the defined policies. Every user will be issued a secret key reflecting its attributes. A user can decrypt the data whenever its attributes match the access policies. Right of entry control methods make sure that authorized user access data of the system. Access control is a policy or process that allows, denies or restricts access to system. It also monitors and record all attempts made to access a system. Access Control can also identify unauthorized users attempting to access a system. It is a method which is very much important for defence in computer security. The Cloud storage is a very important service in cloud computing. The Cloud Storage offers the services for data owners to crowd their data over cloud environment. A big challenge to data access control scheme is data hosting and data access services. Because data owners do not completely trust the cloud servers also so the data access control becomes a challenging issue in cloud storage systems.
The Ciper-text-policy attribute-based were encryption (CP-ABE) is concerning as one of the majority prominently technologies for data access control in cloud storage, since it gives data owner more directly control on right of entry policies.
on the other hand it is not easy to directly apply existing the CP-ABE system to data access control storage system. Because of the characteristic revocation problem. For that designed an expressive, efficient and recollect data access control method for multi-authority cloud storage systems.
1.3 PROJECT OBJECTIVE
• Contribution of data in multi-owner manner.
• Where multiple authorities co-exist and each authority was able to issue attributes independently.
• Single point bottleneck also.
• Every authority is distributed.
• Direct control on access control policies.
1.4 SCOPE OF THE PROJECT
Data owner should get direct controls on access policies, which is provided by Ciper-text-policy Encryption based (CP-ABE).due to attribute revoking not easy for applies existing CP-ABE schemes to data in cloud storage.
This efficient ,expressive and revokes that in data access control scheme in multi-authority storage cloud systems, in which there is a co-existence of numerous establishment to add there each will be able to issue independently attributes.
The rest of the study proceeds as follows:
Chapter 1: project description
Chapter 2: focus the on the literature survey which helps recognize the older system and features of the proposed system is explained.
Chapter3: which gives explanation about hardware and software requirements.
Chapter 4: System design gives their overall explanation of the project modules.
Chapter 5: Detailed design of various description and diagrams
Chapter 6: Deals with the details of project implementation and its screen shots.
Chapter 7: Presents with testing application along with test case and results.
Chapter 8: Conclusion.
Chapter 9: Future enhancements.
Appendix A: Bibliography
1.6 COMPANY PROFILE:
This system is the very most important step in software development process. Before developing the tool it is necessary to conclude the time thing, economy and company force. Once these things are satisfied, next steps are to determine which the operating system is and language can be used for increasing the tool. Once the programmers start building the tool the programmers need a lot of external support for developing process. This support can be obtainers Before building the system the above reflection are taken into account for developing the proposed system. In access control system for public cloud storage, brings a single –point bottleneck on both security and performance against the single authority for any specific attribute. User encrypts sensitive data, it is imperative that she establish a specific access control policy on who can decrypt this data.
2.1 EXISTING SYSTEM
• Not possible to trace the identity of the misbehaving users.
• Difficult to maintain dynamic groups.
• Data owners store the encrypted data files in entrusted storage and deal out the matching decryption keys only to authorized users.
• A secure provenance scheme based on theirs cipher text-policy attribute-based encryption technique, in which allows any member in a group to share data with others.
2.1.1 DISADVANTAGES OF EXISTING SYSTEM:
• Chase’s protocol does not support attribute revocation.
• It is not possible for their trace which users convert as a false file.
• Users are also modifying the data, that kind of possibility is available here.
• Without permission everyone easily sharing the file to all members.
• Group Manager doesn’t communicate with group members.
• All group members also possible to revocation
2.1.2 PROPOSED SYSTEM:
• We propose a secure multi-owner data sharing scheme.
• Our proposed scheme is able to support dynamic groups efficiently.
• We make available secure and privacy-safeguard access control to users.
• Each group members having different public key.
• Owner of the application only possible to revocation.
• Without giving there authorization data sharing not possible in the system.
2.1.3 ADVANTAGES OF PROPOSED SYSTEM:
• We change the framework of the scheme and to make it more realistic to cloud storage systems, in which data owners are not concerned in the key generation.
• We really get better the efficiency of the attribute revocation method.
• High Security services.
• Minimize the convolution of private key.
• Maintain the data as a approachable data without giving access to any unauthorized users.
2.2 FEASIBILITY STUDY
The project is evaluated in this study and business offer is put into view with a very all-purpose plan for the project and some cost estimates. Through system study the feasibility study of the proposed system is to be supported. This is to confirm that the proposed system is not a drain to the corporation. For feasibility analysis, some accepting of the major requirements for the system is necessary.
Three key concerns elaborate in the feasibility analysis below.
2.2.1 ECONOMICAL FEASIBILITY
This study is carried to check the economic influence that the system will have on the association. The amount of deposit that the company can transfer into the investigation and improvement of the system is restricted. The disbursements must be justified. Thus the advanced system as well within the reasonable and this was accomplished. Only the modified products had to be acquired.
2.2.2 TECHNICAL FEASIBILITY
This study is approved out to check the technical feasibility, that is, the practical necessities of the system. Any system established must not have a great request on the available technical properties. This will tend to high loads on the presented technical properties. This will lead to high difficulties being placed on the client. The advanced system must have a retiring necessity, as only slight or null changes are essential for implementing this system.
2.2.3 SOCIAL FEASIBILITY
The part of this study is to check the level of receiving of the system by the user. This contains the course of teaching the user to use the system professionally. The user must not feel helpless by the system, instead must agree to take it as a requirement. The level of receiving by the users uniquely depends on the methods that are hired to instruct the user about the system and to create him aware with it. His level of confidence must be raised up so that he is also capable to make some productive disapproval, which is received, as he is the final user of the system.
SOFTWARE REQUIREMENT SPECIFICATION
Software requirement specification (SRS) is main phase in the software development process. The purpose of this phase is to extract all the system requirements. This phase involves the specifying the users requirements and document them, these documents are divided into the various modules, which helps for the developer to implementation of the software.
3.1 FUNCTIONAL REQUIREMENTS:
3.1.1 Cloud Server:
The cloud service contributor manages a cloud to make available data storage service to the data owners encrypt their data files and to store them in the cloud for contribution with data regulars. To access the shared data files.
3.1.2Data Encryption and Decryption:
All the legal users were in the system can generously query any involved encrypted and decrypted data. Upon getting key the user runs on the decryption algorithm to do the cipher text by using its private keys and from different Attribute Authorities (AAs). Only the the user can possesses gratify the access structure defined in the cipher text CT, the user can get the secret key.
Authorities from diverse domain supply the attributes to the end users. One end consumer can have the attributes given from different authorities and even when the authorities can give the attributes to different end user or people. Only the end users who have the endorsed attributes can be access the particular files were the uploaded file.
3.1.4 Improved Security:
This presently designed algorithm is responsible for making improved security to the data stored. It can generates the email message to the data owners to that some attack has been occurred by the malevolent user. Then the data owner can take the additional action by blocking that user. If there any attacker modifies some of file then it informs to the data owner about the modification when the data owner verifies that file.
3.2 NON-FUNCTIONAL REQUIREMENT:
Non-functional requirements are those which not directly connected to the functions that are carried out in the system. Non-functional requirement places the constraints on the system development, these special constraints that are system need to meet.
The principal non-functional constraints which are relevant to critical systems: ‹
3.2.1 Performance Requirement:
• The system response time should be less, it must be interactive.
• While opening database, inserting records the action – response time must be less than the 2 seconds.
• The system must give uninterrupted connection.
3.2.2 Safety Requirement:
• The information should be securely store in the server without any manipulation of the data.
• Servers should be placed in the secure place so that the data should not get affected by the physical aspects.
3.2.3 Security Requirement:
• Login options are given to user so that data cannot be misused by other.
• The database operators also have the username and password option so that data transition between the server and user interface happens in secure manner.
3.2.4 Reliability Requirement:
• Software should be developed in such a way that it should work in the any system with or without minor changes to it.
• Should choose the right tools and environment for the development of software so it they can support all type of system.
3.3 TOOLS AND TECHNOLOGIES
3.3.1. Standard Specification
Model 2 (MVC) Architecture
The model 2 is the MVC architecture which contains of 3 modules controller, model and the view which are placed in the container. Model 2 architecture provides the security for the system as the whole model is placed in the container it has only one way for giving data and the exiting of the data. In this architecture each models are separately coded which helps in the reusability of the system.
Fig 3.3.1 Model 2 MVC architecture
• Model (M): The model consists of the service and the data which has the business and the persistence logic. The business logic is implemented with the help of the java or web service. The persistence logic is implemented with the help of JDBC or Hibernate, the persistence logic is used to provide the connection between the system and the database.
• View (V): The view consists of the presentation logic, it helps in the displaying the data from browsers. This layer is implemented with the help of the HTML, JSP
• Controller (C): The Controller is implemented with the help of the servlet. This layer act as the interface between the view and the model. The controller accepts the request the request from browser and sends the response call the model or the view accordingly.
In the Model 2 to view the data controller collects the input from the browser and call the service layer, the service layer calls the DAO for the database operation, once the database operation over the data returns to the service layer and to the controller, from controller to the view which displays the data on the browser.
3.3.2 Hypertext Markup Language
• HTML is the mark up language it is used to describe the web pages.
• HTML contains tags to which defies the web pages, it is not the programming language.
• HTML tags are not user-defined one they are the keywords which are placed inside the angular brackets <>.
• HTML code can be written in different editors like: Netbeans, EidtPlus, Notepad++ and many more
3.3.2. Cascading Style Sheet
• CSS is the markup language which is used for the presentation purpose.
• CSS makes the web pages more dynamic and user friendly.
• Styles can be provided for an element they are the inline css.
• Styles can be applied for website, by storing the style in separate file and added externally. Which helps in the reusability of the code
3.3.3. Java Server Page
• Java Server page (JSP) provides the dynamically contents for the web- pages.
• JSP allows to write the java code write anywhere in the page starting and ending with the <% %> symbols respectively.
• JSP also allows static web contents like (XML or HTML) tags.
• JSP technology is the combination of both static and the dynamic contents.
• In JSP engine can able to add the additional extension by using the web.xml.
• Java is the high-level object oriented programming language.
• Java provides the reliability, which helps to execute codes in any system.
• While executing java program first the compiler will create new .class file for the .java file by translating to byte code.
• The byte code is changed to machine code with the help of Just in Time Compiler and display results.
• Java compiles the code and display the result in the console, which helps for the developer to find the error while running the application.
• JDBC is the standard API for Java, which is used to connect the database servers and the Java program.
• JDBC is the product of the SUN, which are developed mainly to provide the API between server and the ui
• JDBC offers the SQL database operating like inserting, updating records to the database.
• JDBC offers the plug-ins for the particular servers. Need to add those plug-in of the server to connect between the server and the program.
• Mysql is the open source management system.
• Multi-users access to the number of databases provided by the Mysql server, which uses the standard query language for the operations.
• For the web applications Mysql is the best choice for database, as it is the centralized component.
• Mysql is compatible with all operating system, it support multi-language and remotely configured.
Mysql>SELECT CURRENT VERSION
Mysql> USE RAJKUMAR SYSTEM;
3.3.7 Eclipse: it is used in developing applications. it contains a base working area and an extensible plug-in the system for customize the environment. Eclipse can be writing most probably in java and its primary use is for developing java application, but it may also be used to develop in other programming through including: ADA C, C++, and COBOL FORTRAN.
3.4 HARDWARE AND SOFTWARE REQUIREMENTS
• Processor : Intel I3 above
• Speed : 766MHZ and above
• RAM : 8GB
• Hard Disk : 1TB
• Operating system : Windows 8.1
• Coding Language : Java
• Web Technologies : HTML, JSP, CSS
• Tool used : Eclipse
• Database : MySql 5.
4.1 System architecture:
The systems architecture describes the structure of system. This is the conceptual model which tells the high level overview of system, in which system defines the objects of the system and the between these objects.
Sub systems are the sub branch of every large System. The Architecture of the system will help to know about system as well as related parts. System architecture is the conceptual model which will help as to know about working, behavior etc. This will show the ability of the system what all task it can perform.
4.2 Context Diagram
In system design we are using many of the diagrams to represent our system in understandable to the developer. For that we are using the DFD, expended as data flow diagram the name as it will show the flow of the data presented in the system. The DFD can be represented in number of levels.
Zero Level DFD
The above figure shows data flow diagram level 0 which admin logs for doing register and making key distribution and authority for multi copy
First Level DFD:
This figure show the level one data flow diagram which are after login group member or user should register and read or write files and stores in the cloud itself.
Second level DFD:
The second level daigram which shows whole project flow in this diagram after user registraion the member shuold do key giving out and read or write data for uploading file with allocates private key.
5.1 Use Case Diagram
This will show the relationship between the actor and the system. Actor is nothing but the user of the system. The use case must contain at least one performer or it can have more than one also. Actors are use as the agents in the use case Actor may act as internal or external agents. This diagram illustrates the relationship between the actor and the use cases.
Fig: 5.1 Use Case
Above shows the use case diagram in this project which works with user or admin ,and client user register with authentication by giving correct password security and the group manager or user can have private key for uploading a file.
5.2 Sequence Diagram:
Sequence of the activity can be displayed by using the sequence diagram. It model will collaborate the object with respect to time. The object interaction with the user and some other object can be displayed in this diagram. Actor, life line etc. are used to draw the sequence diagram.
Fig: 5.2 Sequence Diagram
The above figures shows the sequence diagram while seeing this diagram people can understand for clearly about this project, where life line and recursive messages shows the clear flow of the project where admin does login and cloud access or stores the password and user name request data for file uploading while at the encryption and decrypt the data before that creates private key .
5.3 COLLABORATION DIAGRAM
In UML diagrams we have collaboration diagram. This is also known as communication diagram. It shows the relationship between the object and the related methods. in collaboration four-sided figure box represent the entity associates with the system and the line show the connection along with the message.
Fig: 5.3 Collaboration Diagram
The above UML collaboration diagram shows communication of the system its showing above relationship from one object to another object.
5.4 ACTIVITY DIAGRAM
Activity diagram is the one of the UML diagram which indicates the flow of the activity. It is like flow chart. It represents the flow from one object to another. The flow can be there will be continues, branching or parallel.
Fig: 5.4 Activity Diagram
The above activity diagram shows the graphical workflow where user first login from proxy server and registers from cloud members to group provider and access key .
...(download the rest of the essay above)