www.jpinfotech.blogspot.com
Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the
CloudDissertation Submitted to theJAWAHARLAL NEHRUTECHNOLOGICAL
UNIVERSITYIn partial fulfillment of the requirement for the award
of degree of
MASTER OF TECHNOLOGY
IN
INFORMATION TECHNOLOGY
By
MOHD ISHAQ08B91D4006
Under the guidance ofMr.G.RAJEST (M. Tech.)Assistant
Professor
DEPARTMENTOFINFORMATION TECHNOLOGYGURU NANAK INSTITUTIONS
TECHNICAL CAMPUS (accredited by NBA)IBRAHIMPATNAM,R.R district
CertificateThis is to certify that the dissertation entitled
MONA: SECURE MULTI-OWNER DATA SHARING FOR DYNAMIC GROUPS IN THE
CLOUD is a confide work done and submitted by Mr. Mohd Ishaq
bearing Roll No(08B91D4006), in partial fulfillment of the
requirement for the award of degree of Master Of Technology In
Information Technology Guru Nanak Institutions Technical Campus
Affiliated To Jawaharlal NehruTechnological University, Hyderabad
is a record of bonafide work carried out by him under our guidance
and supervision.The results presented in this dissertation have
been verified and are found to be satisfactory. The results
embodied in this dissertation have not been submitted to any other
universit for the award of any other degree or diplomaOrganization
ProfileCOMPANY PROFILE:
Founded in 2009, JP iNFOTeCH located at Puducherry, has a rich
background in developing academic student projects, especially in
solving latest IEEE Papers, Software Development and continues its
entire attention on achieving transcending excellence in the
Development and Maintenance of Software Projects and Products in
Many Areas.
In Today's Modern Technological Competitive Environment,
Students in Computer Science Stream Want To Ensure That They Are
Getting Guidance In An Organization That Can Meet Their
Professional Needs. With Our Well Equipped Team of Solid
Information Systems Professionals, Who Study, Design, Develop,
Enhance, Customize, Implement, Maintain and Support Various Aspects
Of Information Technology, Students Can Be Sure.
We Understand The Students Needs, And Develop Their Quality Of
Professional Life By Simply Making The Technology Readily Usable
For Them. We Practice Exclusively in Software Development, Network
Simulation, Search Engine Optimization, Customization And System
Integration. Our Project Methodology Includes Techniques For
Initiating A Project, Developing The Requirements, Making Clear
Assignments To The Project Team, Developing A Dynamic Schedule,
Reporting Status To Executives And Problem Solving.
The indispensable factors, which give the competitive advantages
over others in the market, may be slated as: Performance Pioneering
efforts Client satisfaction Innovative concepts Constant
Evaluations Improvisation Cost EffectivenessAbout The People:As a
team we have the clear vision and realize it too. As a statistical
evaluation, the team has more than 40,000 hours of expertise in
providing real-time solutions in the fields of Android Mobile Apps
Development, Networking, Web Designing, Secure Computing, Mobile
Computing, Cloud Computing, Image Processing And Implementation,
Networking With OMNET++ Simulator, client Server Technologies in
Java,(J2EE\J2ME\EJB), ANDROID, DOTNET (ASP.NET, VB.NET, C#.NET),
MATLAB, NS2, SIMULINK, EMBEDDED, POWER ELECTRONICS, VB & VC++,
Oracle and operating system concepts with LINUX.Our
Vision:Impossible as Possible this is our vision; we work according
to our vision.
ABSTRACT:With the character of low maintenance, cloud computing
provides an economical and efficient solution for sharing group
resource among cloud users. Unfortunately, sharing data in a
multi-owner manner while preserving data and identity privacy from
an untrusted cloud is still a challenging issue, due to the
frequent change of the membership. In this paper, we propose a
secure multiowner data sharing scheme, named Mona, for dynamic
groups in the cloud. By leveraging group signature and dynamic
broadcast encryption techniques, any cloud user can anonymously
share data with others. Meanwhile, the storage overhead and
encryption computation cost of our scheme are independent with the
number of revoked users. In addition, we analyze the security of
our scheme with rigorous proofs, and demonstrate the efficiency of
our scheme in experiments.
INTRODUCTIONWhat is cloud computing? Cloud computing is the use
of computing resources (hardware and software) that are delivered
as a service over a network (typically the Internet). The name
comes from the common use of a cloud-shaped symbol as an
abstraction for the complex infrastructure it contains in system
diagrams. Cloud computing entrusts remote services with a user's
data, software and computation. Cloud computing consists of
hardware and software resources made available on the Internet as
managed third-party services. These services typically provide
access to advanced software applications and high-end networks of
server computers.
Structure of cloud computingHow Cloud Computing Works?The goal
of cloud computing is to apply traditionalsupercomputing,
orhigh-performance computingpower, normally used by military and
research facilities, to perform tens of trillions of computations
per second, in consumer-oriented applications such as financial
portfolios, to deliver personalized information, to provide data
storage or to power large, immersive computer games.The cloud
computing usesnetworksof large groups ofserverstypically running
low-cost consumer PC technology with specialized connections to
spread data-processing chores across them. This
sharedITinfrastructure contains large pools of systems that are
linked together. Often,virtualization techniques are used to
maximize the power of cloud computing.
Characteristics and Services Models: The salient characteristics
of cloud computingbased on the definitions provided by the National
Institute of Standards and Terminology (NIST) are outlined below:
On-demand self-service: A consumer can unilaterally provision
computing capabilities, such as server time and network storage, as
needed automatically without requiring human interaction with each
services provider. Broad network access: Capabilities are available
over the network and accessed through standard mechanisms that
promote use by heterogeneous thin or thick client platforms (e.g.,
mobile phones, laptops, and PDAs). Resource pooling: The providers
computing resources are pooled to serve multiple consumers using a
multi-tenant model, with different physical and virtual resources
dynamically assigned and reassigned according to consumer demand.
There is a sense of location-independence in that the customer
generally has no control or knowledge over the exact location of
the provided resources but may be able to specify location at a
higher level of abstraction (e.g., country, state, or data center).
Examples of resources include storage, processing, memory, network
bandwidth, and virtual machines. Rapid elasticity: Capabilities can
be rapidly and elastically provisioned, in some cases
automatically, to quickly scale out and rapidly released to quickly
scale in. To the consumer, the capabilities available for
provisioning often appear to be unlimited and can be purchased in
any quantity at any time. Measured service: Cloud systems
automatically control and optimize resource use by leveraging a
metering capability at some level of abstraction appropriate to the
type of service (e.g., storage, processing, bandwidth, and active
user accounts). Resource usage can be managed, controlled, and
reported providing transparency for both the provider and consumer
of the utilized service.
Characteristics of cloud computing
Services Models: Cloud Computing comprises three different
service models, namely Infrastructure-as-a-Service (IaaS),
Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS). The
three service models or layer are completed by an end user layer
that encapsulates the end user perspective on cloud services. The
model is shown in figure below. If a cloud user accesses services
on the infrastructure layer, for instance, she can run her own
applications on the resources of a cloud infrastructure and remain
responsible for the support, maintenance, and security of these
applications herself. If she accesses a service on the application
layer, these tasks are normally taken care of by the cloud service
provider.
Structure of service modelsBenefits of cloud computing:1.
Achieve economies of scale increase volume output or productivity
with fewer people. Your cost per unit, project or product plummets.
2. Reduce spending on technology infrastructure. Maintain easy
access to your information with minimal upfront spending. Pay as
you go (weekly, quarterly or yearly), based on demand. 3. Globalize
your workforce on the cheap. People worldwide can access the cloud,
provided they have an Internet connection. 4. Streamline processes.
Get more work done in less time with less people. 5. Reduce capital
costs. Theres no need to spend big money on hardware, software or
licensing fees. 6. Improve accessibility. You have access anytime,
anywhere, making your life so much easier! 7. Monitor projects more
effectively. Stay within budget and ahead of completion cycle
times. 8. Less personnel training is needed. It takes fewer people
to do more work on a cloud, with a minimal learning curve on
hardware and software issues.9. Minimize licensing new software.
Stretch and grow without the need to buy expensive software
licenses or programs. 10. Improve flexibility. You can change
direction without serious people or financial issues at stake.
Advantages:1. Price:Pay for only the resources used.2. Security:
Cloud instances are isolated in the network from other instances
for improved security.3. Performance: Instances can be added
instantly for improved performance. Clients have access to the
total resources of the Clouds core hardware.4. Scalability:
Auto-deploy cloud instances when needed.5. Uptime: Uses multiple
servers for maximum redundancies. In case of server failure,
instances can be automatically created on another server.6.
Control: Able to login from any location. Server snapshot and a
software library lets you deploy custom instances.7. Traffic: Deals
with spike in traffic with quick deployment of additional instances
to handle the load.CLOUD computing is recognized as an alternative
to traditional information technology [1] due to its intrinsic
resource-sharing and low-maintenance characteristics. In cloud
computing, the cloud service providers (CSPs), such as Amazon, are
able to deliver various services to cloud users with the help of
powerful datacenters. By migrating the local data management
systems into cloud servers, users can enjoy high-quality services
and save significant investments on their local infrastructures.
One of the most fundamental services offered by cloud providers is
data storage. Let us consider a practical data application. A
company allows its staffs in the same group or department to store
and share files in the cloud. By utilizing the cloud, the staffs
can be completely released from the troublesome local data storage
and maintenance. However, it also poses a significant risk to the
confidentiality of those stored files. Specifically, the cloud
servers managed by cloud providers are not fully trusted by users
while the data files stored in the cloud may be sensitive and
confidential, such as business plans. To preserve data privacy, a
basic solution is to encrypt data files, and then upload the
encrypted data into the cloud [2]. Unfortunately, designing an
efficient and secure data sharing scheme for groups in the cloud is
not an easy task due to the following challenging issues.First,
identity privacy is one of the most significant obstacles for the
wide deployment of cloud computing. Without the guarantee of
identity privacy, users may be unwilling to join in cloud computing
systems because their real identities could be easily disclosed to
cloud providers and attackers. On the other hand, unconditional
identity privacy may incur the abuse of privacy. For example, a
misbehaved staff can deceive others in the company by sharing false
files without being traceable. Therefore, traceability, which
enables the group manager (e.g., a company manager) to reveal the
real identity of a user, is also highly desirable. Second, it is
highly recommended that any member in a group should be able to
fully enjoy the data storing and sharing services provided by the
cloud, which is defined as the multiple-owner manner. Compared with
the single-owner manner [3], where only the group manager can store
and modify data in the cloud, the multiple-owner manner is more
flexible in practical applications. More concretely, each user in
the group is able to not only read data, but also modify his/her
part of data in the entire data file shared by the company. Last
but not least, groups are normally dynamic in practice, e.g., new
staff participation and current employee revocation in a company.
The changes of membership make secure data sharing extremely
difficult. On one hand, the anonymous system challenges new granted
users to learn the content of data files stored before their
participation, because it is impossible for new granted users to
contact with anonymous data owners, and obtain the corresponding
decryption keys. On the other hand, an efficient membership
revocation mechanism without updating the secret keys of the
remaining users is also desired to minimize the complexity of key
management.
LITERATURE SURVEY
1) Plutus: Scalable Secure File Sharing on Untrusted
StorageAUTHORS: M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang,
and K. FuPlutus is a cryptographic storage system that enables
secure file sharing without placing much trust on the file servers.
In particular, it makes novel use of cryptographic primitives to
protect and share files. Plutus features highly scalable key
management while allowing individual users to retain direct control
over who gets access to their files. We explain the mechanisms in
Plutus to reduce the number of cryptographic keys exchanged between
users by using filegroups, distinguish file read and write access,
handle user revocation efficiently, and allow an untrusted server
to authorize file writes. We have built a prototype of Plutus on
OpenAFS. Measurements of this prototype show that Plutus achieves
strong security with overhead comparable to systems that encrypt
all network traffic.
2) Sirius: Securing Remote Untrusted StorageAUTHORS: E. Goh, H.
Shacham, N. Modadugu, and D. BonehThis paper presents SiRiUS, a
secure file system designed to be layered over insecure network and
P2P file systems such as NFS, CIFS, OceanStore, and Yahoo!
Briefcase. SiRiUS assumes the network storage is untrusted and
provides its own read-write cryptographic access control for file
level sharing. Key management and revocation is simple with minimal
out-of-band communication. File system freshness guarantees are
supported by SiRiUS using hash tree constructions. SiRiUS contains
a novel method of performing file random access in a cryptographic
file system without the use of a block server. Extensions to SiRiUS
include large scale group sharing using the NNL key revocation
construction. Our implementation of SiRiUS performs well relative
to the underlying file system despite using cryptographic
operations.
3) Improved Proxy Re-Encryption Schemes with Applications to
Secure Distributed StorageAUTHORS: G. Ateniese, K. Fu, M. Green,
and S. HohenbergerIn 1998, Blaze, Bleumer, and Strauss (BBS)
proposed an application called atomic proxy re-encryption, in which
a semitrusted proxy converts a ciphertext for Alice into a
ciphertext for Bob without seeing the underlying plaintext. We
predict that fast and secure re-encryption will become increasingly
popular as a method for managing encrypted file systems. Although
efficiently computable, the wide-spread adoption of BBS
re-encryption has been hindered by considerable security risks.
Following recent work of Dodis and Ivan, we present new
re-encryption schemes that realize a stronger notion of security
and demonstrate the usefulness of proxy re-encryption as a method
of adding access control to a secure file system. Performance
measurements of our experimental file system demonstrate that proxy
re-encryption can work effectively in practice.
4) Secure Provenance: The Essential of Bread and Butter of Data
Forensics in Cloud ComputingAUTHORS: R. Lu, X. Lin, X. Liang, and
X. ShenSecure provenance that records ownership and process history
of data objects is vital to the success of data forensics in cloud
computing, yet it is still a challenging issue today. In this
paper, to tackle this unexplored area in cloud computing, we
proposed a new secure provenance scheme based on the bilinear
pairing techniques. As the essential bread and butter of data
forensics and post investigation in cloud computing, the proposed
scheme is characterized by providing the information
confidentiality on sensitive documents stored in cloud, anonymous
authentication on user access, and provenance tracking on disputed
documents. With the provable security techniques, we formally
demonstrate the proposed scheme is secure in the standard
model.
5) Ciphertext-Policy Attribute-Based Encryption: An Expressive,
Efficient, and Provably Secure RealizationAUTHORS: B. WatersWe
present a new methodology for realizing Ciphertext-Policy Attribute
Encryption (CP-ABE) under concrete and noninteractive cryptographic
assumptions in the standard model. Our solutions allow any
encryptor to specify access control in terms of any access formula
over the attributes in the system. In our most efficient system,
ciphertext size, encryption, and decryption time scales linearly
with the complexity of the access formula. The only previous work
to achieve these parameters was limited to a proof in the generic
group model.We present three constructions within our framework.
Our first system is proven selectively secure under a assumption
that we call the decisional Parallel Bilinear Diffie-Hellman
Exponent (PBDHE) assumption which can be viewed as a generalization
of the BDHE assumption. Our next two constructions provide
performance tradeoffs to achieve provable security respectively
under the (weaker) decisional Bilinear-Diffie-Hellman Exponent and
decisional Bilinear Diffie-Hellman assumptions.
SYSTEM ANALYSISEXISTING SYSTEM:To preserve data privacy, a basic
solution is to encrypt data files, and then upload the encrypted
data into the cloud. Unfortunately, designing an efficient and
secure data sharing scheme for groups in the cloud is not an easy
task.
In the existing System data owners store the encrypted data
files in untrusted storage and distribute the corresponding
decryption keys only to authorized users. Thus, unauthorized users
as well as storage servers cannot learn the content of the data
files because they have no knowledge of the decryption keys.
However, the complexities of user participation and revocation in
these schemes are linearly increasing with the number of data
owners and the number of revoked users, respectively.
DISADVANTAGES OF EXISTING SYSTEM: In the existing Systems,
identity privacy is one of the most significant obstacles for the
wide deployment of cloud computing. Without the guarantee of
identity privacy, users may be unwilling to join in cloud computing
systems because their real identities could be easily disclosed to
cloud providers and attackers. On the other hand, unconditional
identity privacy may incur the abuse of privacy. For example, a
misbehaved staff can deceive others in the company by sharing false
files without being traceable.
Only the group manager can store and modify data in the
cloud
The changes of membership make secure data sharing extremely
difficult the issue of user revocation is not addressed
PROPOSED SYSTEM:
1. We propose a secure multi-owner data sharing scheme. It
implies that any user in the group can securely share data with
others by the untrusted cloud.
2. Our proposed scheme is able to support dynamic groups
efficiently. Specifically, new granted users can directly decrypt
data files uploaded before their participation without contacting
with data owners. User revocation can be easily achieved through a
novel revocation list without updating the secret keys of the
remaining users. The size and computation overhead of encryption
are constant and independent with the number of revoked users.
3. We provide secure and privacy-preserving access control to
users, which guarantees any member in a group to anonymously
utilize the cloud resource. Moreover, the real identities of data
owners can be revealed by the group manager when disputes
occur.
4. We provide rigorous security analysis, and perform extensive
simulations to demonstrate the efficiency of our scheme in terms of
storage and computation overhead.
ADVANTAGES OF PROPOSED SYSTEM: Any user in the group can store
and share data files with others by the cloud.
The encryption complexity and size of ciphertexts are
independent with the number of revoked users in the system.
User revocation can be achieved without updating the private
keys of the remaining users.
A new user can directly decrypt the files stored in the cloud
before his participation.
SYSTEM REQUIREMENTS:HARDWARE REQUIREMENTS: System: Pentium IV
2.4 GHz. Hard Disk: 40 GB. Monitor: 15 inch VGA Colour. Mouse:
Logitech Mouse. Ram: 512 MB Keyboard: Standard Keyboard
SOFTWARE REQUIREMENTS: Operating System: Windows XP. Coding
Language: ASP.NET, C#.Net. Database: SQL Server 2005
SYSTEM STUDY
FEASIBILITY STUDY
The feasibility of the project is analyzed in this phase and
business proposal is put forth with a very general plan for the
project and some cost estimates. During system analysis the
feasibility study of the proposed system is to be carried out. This
is to ensure that the proposed system is not a burden to the
company. For feasibility analysis, some understanding of the major
requirements for the system is essential.
Three key considerations involved in the feasibility analysis
are
ECONOMICAL FEASIBILITY TECHNICAL FEASIBILITY SOCIAL
FEASIBILITY
ECONOMICAL FEASIBILITY This study is carried out to check the
economic impact that the system will have on the organization. The
amount of fund that the company can pour into the research and
development of the system is limited. The expenditures must be
justified. Thus the developed system as well within the budget and
this was achieved because most of the technologies used are freely
available. Only the customized products had to be purchased.
TECHNICAL FEASIBILITY This study is carried out to check the
technical feasibility, that is, the technical requirements of the
system. Any system developed must not have a high demand on the
available technical resources. This will lead to high demands on
the available technical resources. This will lead to high demands
being placed on the client. The developed system must have a modest
requirement, as only minimal or null changes are required for
implementing this system.
SOCIAL FEASIBILITY The aspect of study is to check the level of
acceptance of the system by the user. This includes the process of
training the user to use the system efficiently. The user must not
feel threatened by the system, instead must accept it as a
necessity. The level of acceptance by the users solely depends on
the methods that are employed to educate the user about the system
and to make him familiar with it. His level of confidence must be
raised so that he is also able to make some constructive criticism,
which is welcomed, as he is the final user of the system.
SYSTEM DESIGNSYSTEM ARCHITECTURE:
Data Flow Diagram:
UseCase Diagram:
Class Diagram:
Sequence Diagram:
Activity Diagram:
IMPLEMENTATIONMODULES:1.Cloud Module 2.Group Manager Module
3.Group Member Module 4.File Security Module 5.Group Signature
Module 6. User Revocation Module .
MODULES DESCRIPTION:
1.Cloud Module :In this module, we create a local Cloud and
provide priced abundant storage services. The users can upload
their data in the cloud. We develop this module, where the cloud
storage can be made secure. However, the cloud is not fully trusted
by users since the CSPs are very likely to be outside of the cloud
users trusted domain. Similar to we assume that the cloud server is
honest but curious. That is, the cloud server will not maliciously
delete or modify user data due to the protection of data auditing
schemes, but will try to learn the content of the stored data and
the identities of cloud users.
2.Group Manager Module :Group manager takes charge of
followings,1. System parameters generation,2. User registration, 3.
User revocation, and 4. Revealing the real identity of a dispute
data owner. Therefore, we assume that the group manager is fully
trusted by the other parties. The Group manager is the admin. The
group manager has the logs of each and every process in the cloud.
The group manager is responsible for user registration and also
user revocation too.
3.Group Member Module :Group members are a set of registered
users that will1. store their private data into the cloud server
and 2. Share them with others in the group.
Note that, the group membership is dynamically changed, due to
the staff resignation and new employee participation in the
company. The group member has the ownership of changing the files
in the group. Whoever in the group can view the files which are
uploaded in their group and also modify it. The group meme
4.File Security Module :1. Encrypting the data file.2. File
stored in the cloud can be deleted by either the group manager or
the data owner.(i.e., the member who uploaded the file into the
server). 5.Group Signature Module :A group signature scheme allows
any member of the group to sign messages while keeping the identity
secret from verifiers. Besides, the designated group manager can
reveal the identity of the signatures originator when a dispute
occurs, which is denoted as traceability.
6. User Revocation Module :User revocation is performed by the
group manager via a public available revocation list (RL), based on
which group members can encrypt their data files and ensure the
confidentiality against the revoked users.
INPUT DESIGNThe input design is the link between the information
system and the user. It comprises the developing specification and
procedures for data preparation and those steps are necessary to
put transaction data in to a usable form for processing can be
achieved by inspecting the computer to read data from a written or
printed document or it can occur by having people keying the data
directly into the system. The design of input focuses on
controlling the amount of input required, controlling the errors,
avoiding delay, avoiding extra steps and keeping the process
simple. The input is designed in such a way so that it provides
security and ease of use with retaining the privacy. Input Design
considered the following things: What data should be given as
input? How the data should be arranged or coded? The dialog to
guide the operating personnel in providing input. Methods for
preparing input validations and steps to follow when error occur.
OBJECTIVES
1.Input Design is the process of converting a user-oriented
description of the input into a computer-based system. This design
is important to avoid errors in the data input process and show the
correct direction to the management for getting correct information
from the computerized system.
2. It is achieved by creating user-friendly screens for the data
entry to handle large volume of data. The goal of designing input
is to make data entry easier and to be free from errors. The data
entry screen is designed in such a way that all the data
manipulates can be performed. It also provides record viewing
facilities.3.When the data is entered it will check for its
validity. Data can be entered with the help of screens. Appropriate
messages are provided as when needed so that the user will not be
in maize of instant. Thus the objective of input design is to
create an input layout that is easy to follow
OUTPUT DESIGNA quality output is one, which meets the
requirements of the end user and presents the information clearly.
In any system results of processing are communicated to the users
and to other system through outputs. In output design it is
determined how the information is to be displaced for immediate
need and also the hard copy output. It is the most important and
direct source information to the user. Efficient and intelligent
output design improves the systems relationship to help user
decision-making.1. Designing computer output should proceed in an
organized, well thought out manner; the right output must be
developed while ensuring that each output element is designed so
that people will find the system can use easily and effectively.
When analysis design computer output, they should Identify the
specific output that is needed to meet the requirements.2.Select
methods for presenting information.3.Create document, report, or
other formats that contain information produced by the system.The
output form of an information system should accomplish one or more
of the following objectives. Convey information about past
activities, current status or projections of the Future. Signal
important events, opportunities, problems, or warnings. Trigger an
action. Confirm an action.
Software Environment4.1 Features OF. NetMicrosoft .NET is a set
of Microsoft software technologies for rapidly building and
integrating XML Web services, Microsoft Windows-based applications,
and Web solutions. The .NET Framework is a language-neutral
platform for writing programs that can easily and securely
interoperate. Theres no language barrier with .NET: there are
numerous languages available to the developer including Managed
C++, C#, Visual Basic and Java Script. The .NET framework provides
the foundation for components to interact seamlessly, whether
locally or remotely on different platforms. It standardizes common
data types and communications protocols so that components created
in different languages can easily interoperate.
.NET is also the collective name given to various software
components built upon the .NET platform. These will be both
products (Visual Studio.NET and Windows.NET Server, for instance)
and services (like Passport, .NET My Services, and so on).THE .NET
FRAMEWORK
The .NET Framework has two main parts:
1. The Common Language Runtime (CLR).2. A hierarchical set of
class libraries.
The CLR is described as the execution engine of .NET. It
provides the environment within which programs run. The most
important features are
1. Conversion from a low-level assembler-style language, called
Intermediate Language (IL), into code native to the platform being
executed on.1. Memory management, notably including garbage
collection.1. Checking and enforcing security restrictions on the
running code.1. Loading and executing programs, with version
control and other such features.1. The following features of the
.NET framework are also worth description:
Managed Code The code that targets .NET, and which contains
certain extraInformation - metadata - to describe itself. Whilst
both managed and unmanaged code can run in the runtime, only
managed code contains the information that allows the CLR to
guarantee, for instance, safe execution and interoperability.
Managed Data With Managed Code comes Managed Data. CLR provides
memory allocation and Deal location facilities, and garbage
collection. Some .NET languages use Managed Data by default, such
as C#, Visual Basic.NET and JScript.NET, whereas others, namely
C++, do not. Targeting CLR can, depending on the language youre
using, impose certain constraints on the features available. As
with managed and unmanaged code, one can have both managed and
unmanaged data in .NET applications - data that doesnt get garbage
collected but instead is looked after by unmanaged code.
Common Type System The CLR uses something called the Common Type
System (CTS) to strictly enforce type-safety. This ensures that all
classes are compatible with each other, by describing types in a
common way. CTS define how types work within the runtime, which
enables types in one language to interoperate with types in another
language, including cross-language exception handling. As well as
ensuring that types are only used in appropriate ways, the runtime
also ensures that code doesnt attempt to access memory that hasnt
been allocated to it.
Common Language Specification The CLR provides built-in support
for language interoperability. To ensure that you can develop
managed code that can be fully used by developers using any
programming language, a set of language features and rules for
using them called the Common Language Specification (CLS) has been
defined. Components that follow these rules and expose only CLS
features are considered CLS-compliant.
THE CLASS LIBRARY.NET provides a single-rooted hierarchy of
classes, containing over 7000 types. The root of the namespace is
called System; this contains basic types like Byte, Double,
Boolean, and String, as well as Object. All objects derive from
System. Object. As well as objects, there are value types. Value
types can be allocated on the stack, which can provide useful
flexibility. There are also efficient means of converting value
types to object types if and when necessary.
The set of classes is pretty comprehensive, providing
collections, file, screen, and network I/O, threading, and so on,
as well as XML and database connectivity.The class library is
subdivided into a number of sets (or namespaces), each providing
distinct areas of functionality, with dependencies between the
namespaces kept to a minimum.
LANGUAGES SUPPORTED BY .NET
The multi-language capability of the .NET Framework and Visual
Studio .NET enables developers to use their existing programming
skills to build all types of applications and XML Web services. The
.NET framework supports new versions of Microsofts old favorites
Visual Basic and C++ (as VB.NET and Managed C++), but there are
also a number of new additions to the family.
Visual Basic .NET has been updated to include many new and
improved language features that make it a powerful object-oriented
programming language. These features include inheritance,
interfaces, and overloading, among others. Visual Basic also now
supports structured exception handling, custom attributes and also
supports multi-threading. Visual Basic .NET is also CLS compliant,
which means that any CLS-compliant language can use the classes,
objects, and components you create in Visual Basic .NET.Managed
Extensions for C++ and attributed programming are just some of the
enhancements made to the C++ language. Managed Extensions simplify
the task of migrating existing C++ applications to the new .NET
Framework.C# is Microsofts new language. Its a C-style language
that is essentially C++ for Rapid Application Development. Unlike
other languages, its specification is just the grammar of the
language. It has no standard library of its own, and instead has
been designed with the intention of using the .NET libraries as its
own.
Microsoft Visual J# .NET provides the easiest transition for
Java-language developers into the world of XML Web Services and
dramatically improves the interoperability of Java-language
programs with existing software written in a variety of other
programming languages.
Active State has created Visual Perl and Visual Python, which
enable .NET-aware applications to be built in either Perl or
Python. Both products can be integrated into the Visual Studio .NET
environment. Visual Perl includes support for Active States Perl
Dev Kit.
Other languages for which .NET compilers are available
include
1. FORTRAN1. COBOL1. Eiffel
Fig1 .Net Framework
ASP.NET XML WEB SERVICES Windows Forms
Base Class Libraries
Common Language Runtime
Operating System
C#.NET is also compliant with CLS (Common Language
Specification) and supports structured exception handling. CLS is
set of rules and constructs that are supported by the CLR (Common
Language Runtime). CLR is the runtime environment provided by the
.NET Framework; it manages the execution of the code and also makes
the development process easier by providing services. C#.NET is a
CLS-compliant language. Any objects, classes, or components that
created in C#.NET can be used in any other CLS-compliant language.
In addition, we can use objects, classes, and components created in
other CLS-compliant languages in C#.NET .The use of CLS ensures
complete interoperability among applications, regardless of the
languages used to create the application.
CONSTRUCTORS AND DESTRUCTORS: Constructors are used to
initialize objects, whereas destructors are used to destroy them.
In other words, destructors are used to release the resources
allocated to the object. In C#.NET the sub finalize procedure is
available. The sub finalize procedure is used to complete the tasks
that must be performed when an object is destroyed. The sub
finalize procedure is called automatically when an object is
destroyed. In addition, the sub finalize procedure can be called
only from the class it belongs to or from derived classes.GARBAGE
COLLECTION Garbage Collection is another new feature in C#.NET. The
.NET Framework monitors allocated resources, such as objects and
variables. In addition, the .NET Framework automatically releases
memory for reuse by destroying objects that are no longer in use.
In C#.NET, the garbage collector checks for the objects that are
not currently in use by applications. When the garbage collector
comes across an object that is marked for garbage collection, it
releases the memory occupied by the object.OVERLOADINGOverloading
is another feature in C#. Overloading enables us to define multiple
procedures with the same name, where each procedure has a different
set of arguments. Besides using overloading for procedures, we can
use it for constructors and properties in a class.
MULTITHREADING:C#.NET also supports multithreading. An
application that supports multithreading can handle multiple tasks
simultaneously, we can use multithreading to decrease the time
taken by an application to respond to user interaction. STRUCTURED
EXCEPTION HANDLING C#.NET supports structured handling, which
enables us to detect and remove errors at runtime. In C#.NET, we
need to use TryCatchFinally statements to create exception
handlers. Using TryCatchFinally statements, we can create robust
and effective exception handlers to improve the performance of our
application.
THE .NET FRAMEWORK The .NET Framework is a new computing
platform that simplifies application development in the highly
distributed environment of the Internet. OBJECTIVES OF. NET
FRAMEWORK1. To provide a consistent object-oriented programming
environment whether object codes is stored and executed locally on
Internet-distributed, or executed remotely.2. To provide a
code-execution environment to minimizes software deployment and
guarantees safe execution of code.3. Eliminates the performance
problems. There are different types of application, such as
Windows-based applications and Web-based applications. 4.3 Features
of SQL-SERVER
The OLAP Services feature available in SQL Server version 7.0 is
now called SQL Server 2000 Analysis Services. The term OLAP
Services has been replaced with the term Analysis Services.
Analysis Services also includes a new data mining component. The
Repository component available in SQL Server version 7.0 is now
called Microsoft SQL Server 2000 Meta Data Services. References to
the component now use the term Meta Data Services. The term
repository is used only in reference to the repository engine
within Meta Data ServicesSQL-SERVER database consist of six type of
objects,They are,1. TABLE2. QUERY3. FORM4. REPORT5. MACRO
TABLE: A database is a collection of data about a specific
topic.
VIEWS OF TABLE: We can work with a table in two types,
1. Design View2. Datasheet View
Design View To build or modify the structure of a table we work
in the table design view. We can specify what kind of data will be
hold.
Datasheet View To add, edit or analyses the data itself we work
in tables datasheet view mode.
QUERY: A query is a question that has to be asked the data.
Access gathers data that answers the question from one or more
table. The data that make up the answer is either dynaset (if you
edit it) or a snapshot (it cannot be edited).Each time we run
query, we get latest information in the dynaset. Access either
displays the dynaset or snapshot for us to view or perform an
action on it, such as deleting or updating.
SYSTEM TESTING
The purpose of testing is to discover errors. Testing is the
process of trying to discover every conceivable fault or weakness
in a work product. It provides a way to check the functionality of
components, sub assemblies, assemblies and/or a finished product It
is the process of exercising software with the intent of ensuring
that theSoftware system meets its requirements and user
expectations and does not fail in an unacceptable manner. There are
various types of test. Each test type addresses a specific testing
requirement.
TYPES OF TESTS
Unit testing Unit testing involves the design of test cases that
validate that the internal program logic is functioning properly,
and that program inputs produce valid outputs. All decision
branches and internal code flow should be validated. It is the
testing of individual software units of the application .it is done
after the completion of an individual unit before integration. This
is a structural testing, that relies on knowledge of its
construction and is invasive. Unit tests perform basic tests at
component level and test a specific business process, application,
and/or system configuration. Unit tests ensure that each unique
path of a business process performs accurately to the documented
specifications and contains clearly defined inputs and expected
results.Integration testing
Integration tests are designed to test integrated software
components to determine if they actually run as one program.
Testing is event driven and is more concerned with the basic
outcome of screens or fields. Integration tests demonstrate that
although the components were individually satisfaction, as shown by
successfully unit testing, the combination of components is correct
and consistent. Integration testing is specifically aimed at
exposing the problems that arise from the combination of
components.
Functional test
Functional tests provide systematic demonstrations that
functions tested are available as specified by the business and
technical requirements, system documentation, and user
manuals.Functional testing is centered on the following items:Valid
Input : identified classes of valid input must be accepted.Invalid
Input : identified classes of invalid input must be
rejected.Functions : identified functions must be exercised.Output
: identified classes of application outputs must be
exercised.Systems/Procedures: interfacing systems or procedures
must be invoked.
Organization and preparation of functional tests is focused on
requirements, key functions, or special test cases. In addition,
systematic coverage pertaining to identify Business process flows;
data fields, predefined processes, and successive processes must be
considered for testing. Before functional testing is complete,
additional tests are identified and the effective value of current
tests is determined.System Test System testing ensures that the
entire integrated software system meets requirements. It tests a
configuration to ensure known and predictable results. An example
of system testing is the configuration oriented system integration
test. System testing is based on process descriptions and flows,
emphasizing pre-driven process links and integration points.White
Box Testing White Box Testing is a testing in which in which the
software tester has knowledge of the inner workings, structure and
language of the software, or at least its purpose. It is purpose.
It is used to test areas that cannot be reached from a black box
level.Black Box Testing Black Box Testing is testing the software
without any knowledge of the inner workings, structure or language
of the module being tested. Black box tests, as most other kinds of
tests, must be written from a definitive source document, such as
specification or requirements document, such as specification or
requirements document. It is a testing in which the software under
test is treated, as a black box .you cannot see into it. The test
provides inputs and responds to outputs without considering how the
software works.
6.1 Unit Testing:Unit testing is usually conducted as part of a
combined code and unit test phase of the software lifecycle,
although it is not uncommon for coding and unit testing to be
conducted as two distinct phases.
Test strategy and approachField testing will be performed
manually and functional tests will be written in detail.
Test objectives All field entries must work properly. Pages must
be activated from the identified link. The entry screen, messages
and responses must not be delayed.
Features to be tested Verify that the entries are of the correct
format No duplicate entries should be allowed All links should take
the user to the correct page.6.2 Integration Testing
Software integration testing is the incremental integration
testing of two or more integrated software components on a single
platform to produce failures caused by interface defects.The task
of the integration test is to check that components or software
applications, e.g. components in a software system or one step up
software applications at the company level interact without
error.
Test Results: All the test cases mentioned above passed
successfully. No defects encountered.
6.3 Acceptance Testing
User Acceptance Testing is a critical phase of any project and
requires significant participation by the end user. It also ensures
that the system meets the functional requirements.
Test Results: All the test cases mentioned above passed
successfully. No defects encountered.
Screen Shorts
CONCLUSION
In this paper, we design a secure data sharing scheme, Mona, for
dynamic groups in an untrusted cloud. In Mona, a user is able to
share data with others in the group without revealing identity
privacy to the cloud. Additionally, Mona supports efficient user
revocation and new user joining. More specially, efficient user
revocation can be achieved through a public revocation list without
updating the private keys of the remaining users, and new users can
directly decrypt files stored in the cloud before their
participation. Moreover, the storage overhead and the encryption
computation cost are constant. Extensive analyses show that our
proposed scheme satisfies the desired security requirements and
guarantees efficiency as well.
REFERENCES[1] M. Armbrust, A. Fox, R. Griffith, A.D. Joseph,
R.H. Katz, A. Konwinski, G. Lee, D.A. Patterson, A. Rabkin, I.
Stoica, and M. Zaharia, A View of Cloud Computing, Comm. ACM, vol.
53, no. 4, pp. 50-58, Apr. 2010.
[2] S. Kamara and K. Lauter, Cryptographic Cloud Storage, Proc.
Intl Conf. Financial Cryptography and Data Security (FC), pp.
136-149, Jan. 2010.
[3] S. Yu, C. Wang, K. Ren, and W. Lou, Achieving Secure,
Scalable, and Fine-Grained Data Access Control in Cloud Computing,
Proc. IEEE INFOCOM, pp. 534-542, 2010.
[4] M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang, and K.
Fu, Plutus: Scalable Secure File Sharing on Untrusted Storage,
Proc. USENIX Conf. File and Storage Technologies, pp. 29-42,
2003.
[5] E. Goh, H. Shacham, N. Modadugu, and D. Boneh, Sirius:
Securing Remote Untrusted Storage, Proc. Network and Distributed
Systems Security Symp. (NDSS), pp. 131-145, 2003.
[6] G. Ateniese, K. Fu, M. Green, and S. Hohenberger, Improved
Proxy Re-Encryption Schemes with Applications to Secure Distributed
Storage, Proc. Network and Distributed Systems Security Symp.
(NDSS), pp. 29-43, 2005.
[7] R. Lu, X. Lin, X. Liang, and X. Shen, Secure Provenance: The
Essential of Bread and Butter of Data Forensics in Cloud Computing,
Proc. ACM Symp. Information, Computer and Comm. Security, pp.
282-292, 2010.
[8] B. Waters, Ciphertext-Policy Attribute-Based Encryption: An
Expressive, Efficient, and Provably Secure Realization, Proc. Intl
Conf. Practice and Theory in Public Key Cryptography Conf. Public
Key Cryptography, http://eprint.iacr.org/2008/290.pdf, 2008.
[9] V. Goyal, O. Pandey, A. Sahai, and B. Waters,
Attribute-Based Encryption for Fine-Grained Access Control of
Encrypted Data, Proc. ACM Conf. Computer and Comm. Security (CCS),
pp. 89-98, 2006.
[10] D. Naor, M. Naor, and J.B. Lotspiech, Revocation and
Tracing Schemes for Stateless Receivers, Proc. Ann. Intl Cryptology
Conf. Advances in Cryptology (CRYPTO), pp. 41-62, 2001.
[11] D. Boneh and M. Franklin, Identity-Based Encryption from
the Weil Pairing, Proc. Intl Cryptology Conf. Advances in
Cryptology (CRYPTO), pp. 213-229, 2001.
[12] D. Boneh, X. Boyen, and H. Shacham, Short Group Signature,
Proc. Intl Cryptology Conf. Advances in Cryptology (CRYPTO), pp.
41-55, 2004.
[13] D. Boneh, X. Boyen, and E. Goh, Hierarchical Identity Based
Encryption with Constant Size Ciphertext, Proc. Ann. Intl Conf.
Theory and Applications of Cryptographic Techniques (EUROCRYPT),
pp. 440-456, 2005.
[14] C. Delerablee, P. Paillier, and D. Pointcheval, Fully
Collusion Secure Dynamic Broadcast Encryption with Constant-Size
Ciphertexts or Decryption Keys, Proc. First Intl Conf.
Pairing-Based Cryptography, pp. 39-59, 2007.
[15] D. Chaum and E. van Heyst, Group Signatures, Proc. Intl
Conf. Theory and Applications of Cryptographic Techniques
(EUROCRYPT), pp. 257-265, 1991.
[16] A. Fiat and M. Naor, Broadcast Encryption, Proc. Intl
Cryptology Conf. Advances in Cryptology (CRYPTO), pp. 480-491,
1993.
[17] B. Wang, B. Li, and H. Li, Knox: Privacy-Preserving
Auditing for Shared Data with Large Groups in the Cloud, Proc. 10th
Intl Conf. Applied Cryptography and Network Security, pp. 507-525,
2012.
[18] C. Wang, Q. Wang, K. Ren, and W. Lou, Privacy-Preserving
Public Auditing for Data Storage Security in Cloud Computing, Proc.
IEEE INFOCOM, pp. 525-533, 2010.
[19] B. Sheng and Q. Li, Verifiable Privacy-Preserving Range
Query in Two-Tiered Sensor Networks, Proc. IEEE INFOCOM, pp. 46-50,
2008.
[20] D. Boneh, B. Lynn, and H. Shacham, Short Signature from the
Weil Pairing, Proc. Intl Conf. Theory and Application of Cryptology
and Information Security: Advances in Cryptology, pp. 514-532,
2001.
[21] D. Pointcheval and J. Stern, Security Arguments for Digital
Signatures and Blind Signatures, J. Cryptology, vol. 13, no. 3, pp.
361-396, 2000.[22] The GNU Multiple Precision Arithmetic Library
(GMP), http://gmplib.org/, 2013.
[23] Multiprecision Integer and Rational Arithmetic C/C++
Library (MIRACL), http://certivox.com/, 2013.
[24] The Pairing-Based Cryptography Library (PBC),
http://crypto.stanford.edu/pbc/howto.html, 2013.
