appendix 1 final

72
SMIT CHAPTER 1 1

Upload: prashanth-baskaran

Post on 28-Mar-2015

385 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: APPENDIX 1 final

SMIT

CHAPTER 1

1

Page 2: APPENDIX 1 final

SMIT

1.INTRODUCTION:

The term “cloud” appears to have its origins in network diagrams that represented the

internet, or various parts of it, as schematic clouds. “Cloud computing” was coined for what

happens when applications and services are moved into the internet “cloud.” It is a pool of

abstracted, highly scalable, and managed compute infrastructure capable of hosting end-

customer applications and billed by consumption. A paradigm in which information is

permanently stored in servers on the Internet and cached temporarily on clients that

include desktops, entertainment centers, table computers, notebooks, wall computers,

handhelds etc. Cloud computing may trace back to a time when computer systems remotely

time-shared computing resources and applications. More currently though, cloud computing

refers to the many different types of services and applications being delivered in the internet

cloud, and the fact that, in many cases, the devices used to access these services and

applications do not require any special applications.

1.1 CHARACTERISTICS:

Cloud computing has a variety of characteristics, with the main ones being:

1.1.1Shared Infrastructure:

Uses a virtualized software model, enabling the sharing of physical services, storage,

and networking capabilities. The cloud infrastructure, regardless of deployment model, seeks

to make the most of the available infrastructure across a number of users.

1.1.2 Dynamic Provisioning:

Allows for the provision of services based on current demand requirements. This is

done automatically using software automation, enabling the expansion and contraction of

service capability, as needed. This dynamic scaling needs to be done while maintaining high

levels of reliability and security.

2

Page 3: APPENDIX 1 final

SMIT

Network Access:

Needs to be accessed across the internet from a broad range of devices such as PCs,

laptops, and mobile devices, using standards-based APIs (for example, ones based on

HTTP). Deployments of services in the cloud include everything from using business

applications to the latest application on the newest smartphones.

Managed Metering:

Uses metering for managing and optimizing the service and to provide reporting and

billing information. In this way, consumers are billed for services according to how much

they have actually used during the billing period.

1.2SERVICE MODELS:

Once a cloud is established, how its cloud computing services are deployed in terms

of business models can differ depending on requirements. The primary service models being

deployed are commonly known as:

1.2.1 Software as a Service (SaaS):

Consumers purchase the ability to access and use an application or service that is

hosted in the cloud, where necessary information for the interaction between the consumer

and the service is hosted as part of the service in the cloud.

1.2.2Platform as a Service (PaaS):

Consumers purchase access to the platforms, enabling them to deploy their own

software and applications in the cloud. The operating systems and network access are not

managed by the consumer, and there might be constraints as to which applications can be

deployed.

3

Page 4: APPENDIX 1 final

SMIT

1.2.3 Infrastructure as a Service(IaaS):

Consumers control and manage the systems in terms of the operating systems,

applications, storage, and network connectivity, but do not themselves control the cloud

infrastructure.

Enduser application is delivered as a service. Platform and infrastructure is abstracted, and can deployed

and managed with less effort

Application platform onto which custom applications and services can be deployed. Can be built and deployed more inexpensively, although services need to be supported and managed.

Physical infrastructure is abstracted to provide computing, storage, and networking as a service, avoiding the expense and need for dedicated systems.

Fig 1.1 Service Model Types

4

Software as a Service(SaaS)

Platform as a Service(PaaS)

Infrastructure as a Service(IaaS)

Page 5: APPENDIX 1 final

SMIT

1.3 DEPLOYMENT MODELS:

Deploying cloud computing can differ depending on requirements, and the following

four deployment models have been identified, each with specific characteristics that support

the needs of the services and users of the clouds in particular ways:

1.3.1. Private Cloud:

The cloud infrastructure has been deployed, and is maintained and operated for a

specific organization. The operation may be in-house or with a third party on the premises.

1.3.2. Community Cloud:

The cloud infrastructure is shared among a number of organizations with similar

interests and requirements. This may help limit the capital expenditure costs for its

establishment as the costs are shared among the organizations. The operation may be in-house

or with a third party on the premises.

1.3.33. Public Cloud:

The cloud infrastructure is available to the public on a commercial basis by a cloud

service provider. This enables a consumer to develop and deploy a service in the cloud

with very little financial outlay compared to the capital expenditure requirements normally

associated with other deployment options.

1.3.4. Hybrid Cloud:

The cloud infrastructure consists of a number of clouds of any type, but the clouds

have the ability through their interfaces to allow data and/or applications to be moved from

one cloud to another. This can be a combination of private and public clouds that support the

requirement to retain some data in an organization, and also the need to offer services in the

cloud.

5

Page 6: APPENDIX 1 final

SMIT

CHAPTER 2

6

Page 7: APPENDIX 1 final

SMIT

2. LITERATURE REVIEW

2.1 Existing System

In the existing system, single server handles the multiple requests from the

user. Here the server has to process the both the request from the user simultaneously, so the

processing time will high. This may leads to loss of data and corrupted. The server cannot

process the query from the user a proper manner. So processing time gets increased. Software

update/patches could change security settings, assigning privileges too low, or even more

alarmingly too high allowing access to your data by other parties. Security concerns. Experts

claim that their clouds are 100% secure - but it will not be their head on the block when

things go awry. It's often stated that cloud computing security is better than most enterprises.

Control of data/system by third-party. Data - once in the cloud always in the cloud! It is not

sure that a deleted data from an user account, will exist. Implementation data integration

issues are rife due to the difficult.

7

Page 8: APPENDIX 1 final

SMIT

2.2 Proposed System:

Cloud Server utilizes the power of the internet so as to ease the access to

applications as well as add power of scalability and high availability. Where as Cloud Storage

is a way of effectively using the existing data storage technology and resources so as to make

them available over the Cloud. Cloud storage allows a great amount of flexibility in terms of

provisioning as per the changing and ever increasing storage requirements, it is easy to add

more space or even reduce as needs change; best of all aspects is that no upfront investments

are required. The applications can vary from storing files, emails, pictures, media files along

with critical databases and important data backup. It provide secure data while store and

retrieve. It can be used cryptographically encryption and decryption in data store and retrieve.

We have used in third party tool (TPA) to monitoring data store and retrieve between owner

and user. It sends the key to user for access data.

2.2.1. Advantages of proposed system:

1. The user will be given status by the data owner and according to it the user acts.

2. On acquiring status, the user has only limited functions which prohibit overwriting.

3. The data will be stowed in encrypted format so as to improve the integrity and

security.

4. For an encrypted data, a private key will be sent to the user for decryption.

8

Page 9: APPENDIX 1 final

SMIT

2.3 FEASIBILITY STUDY

Three types of feasibility study are studied. They are operational, technical and financial.

2.3.1 Operational Feasibility

The proposed system does not perform any harm to the clients.

1. The system performance in cloud computing area is excellent.

2. The system does not produce poor results.

2.3.2 Technical feasibility

The necessary technologies exist in this project for the areas:

1. The proposed system has the capacity to hold the data required by ubiquitous network

access.

2. It technically assures for accuracy, reliability and data security.

2.3.3 Financial Feasibility

1. The cost of hardware and software for the class application being considered.

2. The cost to conduct full system audit.

3. The benefits in the form of reduced cost or fewer costly errors.

9

Page 10: APPENDIX 1 final

SMIT

3.1 ARCHITECTURE DIAGRAM:

Public Data Auditing

Data Auditing FileAccess

Delegation

Issuing File Access

Fig 3.1 Architecture Diagram

10

Third Party Auditor

Owner Cloud Users

Cloud servers

Page 11: APPENDIX 1 final

SMIT

3.1.1 ARCHITECTURE DETAILS

3.1.1.1 Data Owner:

One who creates the data and stores it in cloud is known as data owners. The data

owner has the full rights over the data that has been uploaded in net. The data owner gives

status to the user who opts for the usage of the data.

3.1.1.2 Cloud Server:

It is virtual database where the data of the owner will be saved. All data stored here

will be in encrypted format so as to improve the data privacy and security. Unauthorized

personnel cannot access the data without the prior permission of the data owner.

3.1.1.3 Third Party Auditor:

TPA is the person which helps in auditing purpose of the data that are being stored in

cloud. In order to reduce the work load of data owner TPA has been used for monitoring

purpose.

3.1.1.4 Data User:

One who retrieves data from the cloud server with the prior permission of the data

owner is known to be data user. User request for accessing the data from its owner, on

acquiring the status the user acts according to it.

3.1.1.5 Decrypt:

The data stored in cloud will being changed to original format with the help of private

key given by the data owner by the data user.

11

Page 12: APPENDIX 1 final

SMIT

3.2 PROJECT FLOW DIAGRAM:

No

Data

Store data

Retrieve data No

12

Owner

Login

If valid

Encryption

Cloud

Server

User login

If valid

Access file

Decryption

User

Issue File access ctrl

User

Page 13: APPENDIX 1 final

SMITFIG 3.2 Data flow diagram

3.3 MODULES

3.3.1 Authentication

3.3.2 File Upload

3.3.3 File Management

3.3.4 User Request

3.3.5 Owner Response

3.3.6 File Downloading

3.3.7 Decryption

3.3.1 AUTHENTICATION:

In this module the verification of the user is done in order to avoid the unauthorized

personnel to create account and start using the data in an unintentional way.

13

Authentication

Rejected

Owner

Page 14: APPENDIX 1 final

SMIT

The user requests the data owner for accessing the data. The data owner in turn validates the

request from the user and sets the status accordingly. The data owner may or may not accept

the request given by the user. The status for the user is entirely depends upon the

transparency of the data user. More the reliability of the data user will lead to enjoy more

work permission of the particular data. If the data user fails to accomplish the required

reliability in authentication process, he may be subjected to limited access of data such as

read only. On registering to an owner, the user can access the data related or uploaded to that

particular owner. The user does not have consent about data that are being uploaded by other

data owner. If so the user has to register with that data owner separately.

3.3.2 FILE UPLOAD:

Use any information obtained from our site in an unethical manner. Any information

obtained such as Usernames, IP addresses, email, etc are only used in the administration of

our website and services. We may email our members about site related issues, events, etc.

Only in the case of illegal activity, harassment, or other questionable activities would your

information be shared with a third party. File serves lets you easily upload and share your

files with others online for free.  Your files will get unlimited downloads.  With their free

hosting account you can store up to 500.0GB worth of files.  You can also upload files with a

Maximum file size 1024Mb.  They allow you to upload multiple files at once to their free

web servers. This is currently our favorite free file upload site that we have discovered so far.

14

Accepted

Owner Login

Profile

Browse

Page 15: APPENDIX 1 final

SMIT

3.3.3 FILE MANAGEMENT:

The data that we work with on computers is kept in a hierarchical file system in which

directories have files and subdirectories beneath them. Although we use the computer

operating system to keep our image data organized, how we name files and folders, how we

arrange these nested folders, and how we handle the files in these folders are the fundamental

aspects of file management. The file management is fully secured, on specific owner and user

file transaction.

File management is ineffective without scheduled maintenance steps that

help clean, protect, and backup the hard drive and the various files and folders in it. This also

means exercising caution when downloading files from e-mail or the internet. Some key steps

comprising maintenance are: deleting or backing up unnecessary files such as, Netscape

cache files, .tmp files, old and/or large files you have not used in a long time; emptying the

recycle bin; at least a weekly scheduled virus scanning of your system and virus definition

updates; backing up critical data; maintaining an updated list of all software and data files on

your system; renaming files and folders cautiously; and, moving files and folders to

appropriate locations to maintain the integrity of the directory structure.

15

Upload

Page 16: APPENDIX 1 final

SMIT

3.3.4 USER REQUEST:

Priorly the data user does not have any control or access to data that are being

uploaded by the data owner. User may only view the data that are being uploaded in the

cloud, for accessing the data the user has to send request to the particular data owner who has

the required data that the user has. The user without access the data without registering to the

data owner. This ensures avoiding of unauthorized access of data by a third person. Here the

data owner has full authority over the data and also the user from which a REQUEST has

requested upon.

16

Select User

User Request

Login

Request for status

Page 17: APPENDIX 1 final

SMIT

3.3.5 OWNER RESPONSE:

Upon the user request, the data owner accepts or rejects the request given by the user.

If the request is rejected by the owner the user cannot access the files that are available in the

cloud. The data user is then prohibited from using the data that are uploaded in cloud server.

On the other side, if the data owner accepts the request given by the data user then the user is

allowed to view the files that have been uploaded in cloud. Again, here the owner has to set

the status for user regarding the usage of file. Status such as read and write are available in

setting the status of the user. Either one or both the available can be assigned to the user. In

read mode, the user can only view the data in a file while in write mode user can modify the

original content of the file.

17

Checks Request

Set Response

Page 18: APPENDIX 1 final

SMIT

3.3.6 FILE DOWNLOADING:

File serves lets you easily download and share your files with others online for free.

Your files will get unlimited downloads. With their free hosting account you can download

maximum file size 1024 Mb. It allows you to multiple files download their free web servers.

Specified user can able to download the file by using the decryption algorithm

from the cryptography method by their specified path. When the downloading process starts

the public key will send to the respected user’s mail id. By using that keys the user done the

download process.

YES NO

YES

18

User login

Status

End

Download

Key to ID

Page 19: APPENDIX 1 final

SMIT

3.3.7 DECRYPTION:

In decryption, the file downloaded from the cloud server with the assent of the data

owner it is subjected to decryption process to obtain the original form of it. The decryption

process is done with comfort of the private key that has been sent to the user’s mail id. After

then the original file is obtained by the user.

19

Decrypted File

Key

Decryption

Page 20: APPENDIX 1 final

SMIT

3.4 REQUIREMENT SPECIFICATION

3.4.1 HARDWARE SPECIFICATION

1. Hard Disk : 150 MB

2. RAM : 512 MB

3. Processor : Pentium 4

3.4.2 SOFTWARE SPECIFICATION

1. Operating System : Windows XP

2. Front End : MS-Front page

3. Back End : My SQL

3.5 ALGORITH USED

3.5.1 RSA ALGORITHM

The RSA algorithm is named after Ron Rivest, Adi Shamir, and Len Adleman, who

invented it in 1977. The basic technique was first discovered in 1973 by Clifford Cocks of

CESG (part of the British GCHQ) but this first was a secret until 1997. The patent taken out

by RSA labs has expired.

The RSA algorithm can be used for both public key encryption and digital signatures.

Its security is based on the difficulty of factoring large integers.

3.5.2 Key Generation Algorithm

1. Generate two large random primes, p and q, of approximately equal size such that

their product n=pq is of the required bit length, e.g. 1024 bits.

20

Page 21: APPENDIX 1 final

SMIT2. Compute n=pq and (φ) phi=(p-1)(q-1).

3. Choose an integer e, 1<e<phi, such that gcd(e,phi)=1.

4. Compute the secret exponent d, 1<d<phi, such that ed=1(mod phi).

5. The public key is (n,e) and the private key is (n,d). Keep all the values d, p, q and phi

secret.

i. n is known as the modulus.

ii. e is known as the public exponent or encryption exponent or just the

exponent.

iii. d is known as the secret exponent or decryption exponent.

3.5.3 Encryption

Sender A does the following:

1. Obtains the recipient B’s public key (n,e).

2. Represents the plaintext message as a positive integer m.

3. Computes the cipher text c=Me mod n.

4. Sends the cipher text c to B.

3.5.4 Decryption

Recipient B does the following:

1. Uses his private key (n,d) to compute M=Cd mod n.

2. Extracts the plaintext from the message representative m.

3.5.5 Summary of RSA:

n=pq, where p and q are distinct primes.

21

Page 22: APPENDIX 1 final

SMIT Phi, φ = (p-1)(q-1).

e< n such that gcd(e, phi)=1

d=e-1 mod phi.

C=Me mod n, 1<m<n.

M=Cd mod n.

3.6 UML DIAGRAMS

3.6.1 Use case diagram

Owner User

22

File Encryption

Cloud Server

User File Access

Third Party

Audit

Decryption

Page 23: APPENDIX 1 final

SMIT

3.6.2 Sequence Diagram

23

Page 24: APPENDIX 1 final

SMIT

SOURCE CODE

24

Page 25: APPENDIX 1 final

SMIT

3.7 SOURCE CODE

File Transfer:

<html>

<head></head>

<body background="../FileTransfer.jpg">

<p align="center"><u><b><font size="6" color="#000080">File Upload

</font></b></u> </p>

<form action="load.jsp" enctype="multipart/form-data" method="POST">

<div align="center">

<table border="0" width="70%" height="255" style="border-collapse: collapse">

<tr>

<td background="images/Earth-Upload-icon.png" bgcolor="#FFFFFF">&nbsp;</td>

<td

width="432">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs

p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

<input type="file" name="file1" style="font-weight: 700"><br>

<p>&nbsp;</td>

</tr>

</table>25

Page 26: APPENDIX 1 final

SMIT</div>

<p><br>

</p>

</form>

</body>

</html>

<%@page contentType="text/html" pageEncoding="UTF-8"%>

<%@ page import="java.io.*" %>

<%@page import="java.util.Date"%>

<%@page import="java.sql.*"%>

<%@page import="java.text.*"%>

<jsp:useBean id="h" class="model.Commanmodel"/>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"

"http://www.w3.org/TR/html4/loose.dtd">

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<title>JSP Page</title>

<script>

function fun()

26

Page 27: APPENDIX 1 final

SMIT {

document.frm.action="suc.jsp";

document.frm.submit(); }

</script>

</head>

<!-- upload.jsp -->

<%

String s=(String)session.getAttribute("ownername");

String contentType = request.getContentType();

int df=request.getContentType().length();

System.out.println("df value "+df);

if ((contentType != null) && (contentType.indexOf("multipart/form-data") >= 0))

{

DataInputStream in = new DataInputStream(request.getInputStream());

int formDataLength = request.getContentLength();

System.out.println("length "+formDataLength);

byte dataBytes[] = new byte[formDataLength];

int byteRead = 0;

int totalBytesRead = 0;

System.out.println("dsffffffffffffffffffffffffffffffffffffffffffffffffffffffff");

while (totalBytesRead < formDataLength)

27

Page 28: APPENDIX 1 final

SMIT{

byteRead = in.read(dataBytes, totalBytesRead, formDataLength);

totalBytesRead += byteRead; }

String file = new String(dataBytes);

String saveFile = file.substring(file.indexOf("filename=\"") + 10);

saveFile = saveFile.substring(0, saveFile.indexOf("\n"));

saveFile = saveFile.substring(saveFile.lastIndexOf("\\") + 1,saveFile.indexOf("\""));

int lastIndex = contentType.lastIndexOf("=");

String boundary = contentType.substring(lastIndex + 1,contentType.length());

System.out.println(boundary);

int pos;

pos = file.indexOf("filename=\"");

pos = file.indexOf("\n", pos) + 1;

pos = file.indexOf("\n", pos) + 1;

pos = file.indexOf("\n", pos) + 1;

int boundaryLocation = file.indexOf(boundary, pos) - 4;

int startPos = ((file.substring(0, pos)).getBytes()).length;

int endPos = ((file.substring(0, boundaryLocation)).getBytes()).length;

saveFile = "D:\\server\\"+s+"\\" + saveFile;

DateFormat dateFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss");

Date date1 = new Date();

28

Page 29: APPENDIX 1 final

SMIT dateFormat.format(date1);

String ff="upload";

Class.forName("com.mysql.jdbc.Driver");

Connection con =

DriverManager.getConnection("jdbc:mysql://localhost:3306/cloud", "root", "root");

Statement st = con.createStatement();

int state = st.executeUpdate("insert into ggg values('"+s+"','" + saveFile+ "','" +

saveFile.length() + "','" + date1 + "','" + ff+ "')");

//FileOutputStream fileOut = new FileOutputStream(saveFile);

//fileOut.write(dataBytes);

//fileOut.write(dataBytes, startPos, (endPos - startPos));

System.out.println("sart "+startPos);

System.out.println("end "+endPos);

int ps=endPos - startPos;

System.out.println("ps value");

saveFile+="~"+s;

int d=h.insres(dataBytes,saveFile,startPos,endPos);

System.out.println("d value"+d);

//fileOut.flush();

//fileOut.close();

System.out.println("File saved as " +saveFile);

}

29

Page 30: APPENDIX 1 final

SMIT%>

<body onload="fun()"><form name="frm"></form> </body>

</html>

import java.io.File;

import java.io.FileOutputStream;

import java.io.ObjectOutputStream;

import java.security.KeyPair;

import java.security.KeyPairGenerator;

import java.security.PrivateKey;

import java.security.PublicKey;

import javax.crypto.Cipher;

public class Commanmodel {

int state;

byte[] inputBuf;

byte a;

public int insres(byte[] bb , String sf,int a,int b)

{

String dd[]=sf.split("~");

String save=dd[0];

String s=dd[1];

String ss1=save.substring(save.lastIndexOf("\\")+1);

30

Page 31: APPENDIX 1 final

SMIT System.out.println("save:::::::"+save);

System.out.println("ssssssssssssss:::::::::"+ss1);

System.out.println("b-a "+(b-a));

byte decryptedFileBytes[]=new byte[b-a];

int j=0;

for(int i=a;i<b;i++)

{

char c=(char) bb[i];

decryptedFileBytes[j]=(byte) c;

j++;

}

String ddf=save.substring(save.lastIndexOf("\\")+1,save.lastIndexOf("."));

String fe=ss1.substring(0, ss1.lastIndexOf("."));

System.out.println("fe:::::::"+ddf+":::::::::::::"+save);

// System.out.println("str:::::::::: "+m);

System.out.println("bytes "+decryptedFileBytes.toString());

try{

KeyPair keyPair = null;

try

{ KeyPairGenerator keyPairGenerator =

KeyPairGenerator.getInstance("RSA");

31

Page 32: APPENDIX 1 final

SMIT keyPairGenerator.initialize(1024);

keyPair = keyPairGenerator.generateKeyPair();

}catch (Exception e) {}

KeyPair keyPair0 = keyPair;

PrivateKey privateKey0 = keyPair0.getPrivate();

PublicKey publicKey0 = keyPair0.getPublic();

ObjectOutputStream objectOutputStream = new ObjectOutputStream( new

FileOutputStream(new File("D:\\server\\"+s+"\\key\\"+ddf+"priv.txt")) );

objectOutputStream.writeObject(privateKey0);

objectOutputStream.flush();

objectOutputStream.close();

objectOutputStream = new ObjectOutputStream( new FileOutputStream(new File("D:\\

server\\"+s+"\\key\\"+ddf+"pub.txt")) );

objectOutputStream.writeObject(publicKey0);

objectOutputStream.flush();

objectOutputStream.close();

//Encrypt

Cipher cipher = Cipher.getInstance("RSA");

cipher.init(Cipher.ENCRYPT_MODE, publicKey0);

// ENCRYPT Pub0

int decryptedFileBytesChunkLength = 100;

32

Page 33: APPENDIX 1 final

SMIT int numberenOfDecryptedChunks = (decryptedFileBytes.length-1) /

decryptedFileBytesChunkLength + 1;

int encryptedFileBytesChunkLength = 128;

int encryptedFileBytesLength = numberenOfDecryptedChunks *

encryptedFileBytesChunkLength;

byte[] encryptedFileBytes= new byte[ encryptedFileBytesLength ];

//Counters

int decryptedByteIndex = 0;

int encryptedByteIndex = 0;

for(int i = 0; i < numberenOfDecryptedChunks; i++)

{

if(i < numberenOfDecryptedChunks - 1)

{

encryptedByteIndex = encryptedByteIndex + cipher.doFinal(decryptedFileBytes,

decryptedByteIndex, decryptedFileBytesChunkLength, encryptedFileBytes,

encryptedByteIndex);

decryptedByteIndex = decryptedByteIndex + decryptedFileBytesChunkLength;

}

else

{

cipher.doFinal(decryptedFileBytes, decryptedByteIndex,

decryptedFileBytes.length - decryptedByteIndex, encryptedFileBytes, encryptedByteIndex);

}}

33

Page 34: APPENDIX 1 final

SMIT inputBuf=encryptedFileBytes;

System.out.println("in "+inputBuf.toString());

FileOutputStream fileOutputStream = new FileOutputStream(save);

fileOutputStream.write(encryptedFileBytes);

fileOutputStream.flush();

fileOutputStream.close();

// System.out.println("length: "+ decryptedFileBytes.length);

// System.out.println("length: "+ encryptedFileBytes.length);

System.out.println("Encryption done");

}catch (Exception e) {

e.printStackTrace();

}

System.out.println("encrypted");

return state;

}

}

34

Page 35: APPENDIX 1 final

SMIT

OUTPUT

35

Page 36: APPENDIX 1 final

SMIT

3.8 SCREENSHOTS

HOME PAGE

36

Page 37: APPENDIX 1 final

SMIT

OWNER’S LOGIN

37

Page 38: APPENDIX 1 final

SMIT

OWNER’S REGISTRATION

38

Page 39: APPENDIX 1 final

SMIT

OWNER’S LOGIN

39

Page 40: APPENDIX 1 final

SMIT

OWNER’S DETAILS

40

Page 41: APPENDIX 1 final

SMIT

FILE UPLOAD

41

Page 42: APPENDIX 1 final

SMIT

FILE’S DETAILS

42

Page 43: APPENDIX 1 final

SMIT

TABLE DESIGN

OWNER’S DETAILS

43

Page 44: APPENDIX 1 final

SMIT

UPLOADED FILE DETAILS

44

Page 45: APPENDIX 1 final

SMIT

USER PROFILE

45

Page 46: APPENDIX 1 final

SMIT

USER REGISTRATION

46

Page 47: APPENDIX 1 final

SMIT

USER LOGIN

47

Page 48: APPENDIX 1 final

SMIT

3.9 CONCLUSION

Cloud computing has been envisioned as the next-generation architecture

of enterprise IT. In contrast to traditional enterprise IT solutions, where the IT

services are under proper physical, logical, and personnel controls, cloud

computing moves the application software and databases to servers in large

data centers on the Internet, where the management of the data and services are

not fully trustworthy. This unique attribute raises many new security challenges

in areas such as software and data security, recovery, and privacy, as well as

legal issues in areas such as regulatory compliance and auditing, all of which

have not been well understood. In this article we focus on cloud data storage

security.

3.10 FUTURE WORK

1. Till now the trustiness is suspected for user but there may be anonymity of the cloud

service provider.

2. Multi writer model is achieved here that is user can change data and upload in the cloud.

48

Page 49: APPENDIX 1 final

SMIT

APPENDIX

49

Page 50: APPENDIX 1 final

SMIT

APPENDIX I

JSP

JSP may be viewed as a high-level abstraction of Java servlets. JSP pages are loaded

in the server and operated from a structured special installed Java server packet called a Java

EE Web Application, often packaged as a .war or .ear file archive.

JSP allows Java code and certain pre-defined actions to be interleaved with static web

markup content, with the resulting page being compiled and executed on the server to deliver

an HTML or XML document. The compiled pages and any dependent Java libraries use Java

bytecode rather than a native software format, and must therefore be executed within a Java

virtual machine (JVM) that integrates with the host operating system to provide an abstract

platform-neutral environment.

JSP syntax is a fluid mix of two basic content forms: scriptlet elements and markup.

Markup is typically standard HTML or XML, while scriptlet elements are delimited blocks of

Java code which may be intermixed with the markup. When the page is requested the Java

code is executed and its output is added, in situ, with the surrounding markup to create the

final page. JSP pages must be compiled to Java bytecode classes before they can be executed,

but such compilation is needed only when a change to the source JSP file has occurred.

Java code is not required to be complete (self contained) within its scriptlet element

block, but can straddle markup content providing the page as a whole is syntactically correct

(for example, any Java if/for/while blocks opened in one scriptlet element must be correctly

closed in a later element for the page to successfully compile). This system of split inline

coding sections is called step over scripting because it can wrap around the static markup by

stepping over it. Markup which falls inside a split block of code is subject to that code, so

markup inside an if block will only appear in the output when the if condition evaluates to

true; likewise markup inside a loop construct may appear multiple times in the output

depending upon how many times the loop body runs. The JSP syntax adds additional XML-

like tags, called JSP actions, to invoke built-in functionality. Additionally, the technology

50

Page 51: APPENDIX 1 final

SMITallows for the creation of JSP tag libraries that act as extensions to the standard HTML or

XML tags. JVM operated tag libraries provide a platform independent way of extending the

capabilities of a web server. Note that not all commercial Java servers are Java EE

specification compliant.

Features of JSP

1. Ease of use: - JSP pages are installed simply as web pages using natural structure of web

server document tree.

2. Platform independence: - JSP runs on virtually any environment that supports JAVA

servlets and hence it is compatible with any web browsers.

3. This version has new expression language (EL ) syntax that allows deferred evaluation of

expressions. It now enables using the expression to both get and set data and to invoke

methods, and facilitates customizing the resolution of a variable or property referenced by an

expression.

4. It supports resource injection through annotations to simplify configuring access to

resources and environment data.

5. Qualified functions now take precedence over the ternary operator when the "." operator in

use or we can say that ability to redefine the behavior of the "."Operator through a Property

Resolver API.

6. EL now supports "literal expressions". The expression which was previously considered to

be non-EL value text must now be considered an EL expression.

7. EL now supports Java 5.0 enumerations.

8. Ability to plug in Property Resolvers on a per-application and per-page basis.

51

Page 52: APPENDIX 1 final

SMIT

APPENDIX II

FRONT PAGE

FrontPage was initially created by the Cambridge, Massachusetts Company Vermeer

Technologies Incorporated, evidence of which can be easily spotted in filenames and

directories prefixed _vti_ in web sites created using FrontPage. Vermeer was acquired by

Microsoft in January 1996 specifically so that Microsoft could add FrontPage to its product

line-up allowing them to gain an advantage in the browser wars as FrontPage was designed

to author for their own browser, Internet Explorer. As a WYSIWYG editor, FrontPage is

designed to hide the details of pages' HTML code from the user, making it possible for

novices to easily create web pages and sites.

FrontPage's initial outing under the Microsoft name came in 1996 with the release of

Windows NT 4.0 Server and its constituent web server Internet Information Services 2.0.

Bundled on CD with the NT 4.0 Server release, FrontPage 1.1 would run under NT 4.0

(Server or Workstation) or Windows 95. Up to FrontPage 98, the FrontPage Editor, which

was used for designing pages was a separate application from the FrontPage Explorer which

was used to manage website folders. With FrontPage 2000, both programs were merged into

the Editor.

FrontPage used to require a set of server-side plug-in originally known as IIS Extensions. The

extension set was significantly enhanced for Microsoft inclusion of FrontPage into the

Microsoft Office line-up with Office 97 and subsequently renamed FrontPage Server

Extensions (FPSE). Both sets of extensions needed to be installed on the target web server for

its content and publishing features to work. Microsoft offered both Windows and Unix-based

versions of FPSE. FrontPage 2000 Server Extensions worked with earlier versions of

FrontPage as well. FPSE 2002 was the last released version which also works with FrontPage

2003 and was later updated for IIS 6.0 as well. With FrontPage 2003, Microsoft began

moving away from proprietary Server Extensions to standard protocols like FTP and

WebDAV for remote web publishing and authoring. FrontPage 2003 can also be used with

Windows SharePoint Services.

52

Page 53: APPENDIX 1 final

SMIT

Features

Some of the features in the last version of FrontPage include:

FrontPage 2003 consists of a new Split View option to allow the user to code in Code

View and preview in Design View without the hassle of switching from the Design

and Code View tabs for each review

Dynamic Web Templates (DWT) were included for the first time in FrontPage 2003

allowing users to create a single template that could be used across multiple pages and

even the whole Web site

Interactive Buttons give users a new easy way to create web graphics for navigation

and links, eliminating the need for a complicated image-editing package such as

Adobe Photoshop

The accessibility checker gives the user the ability to check if their code is standards

compliant and that their Web site is easily accessible for people with disabilities. An

HTML optimizer is included to aid in optimizing code to make it legible and quicker

to process

Intellisense, which is a form of autocompletion, is a key new feature in FrontPage

2003 that assists the user while typing in Code View. When working in Code View,

Intellisense will suggest tags and/or properties for the code that the user is entering

which significantly reduces the time to write code. The Quick Tag Editor shows the

user the tag they are currently in when editing in Design View. This also includes the

option to edit the specific tag/property from within the Tag Editor

Code Snippets give users the advantage to create snippets of their commonly used

pieces of code allowing them to store it for easy access whenever it is next needed

FrontPage 2003 includes support for programming in ASP.NET a server-side

scripting language that adds interactivity to Web sites and Web pages

FrontPage 2003 includes support macro in VBA.

53

Page 54: APPENDIX 1 final

SMIT

REFERENCES

54

Page 55: APPENDIX 1 final

SMIT

REFERENCES

[1] P. Mell and T. Grance, “Draft NIST Working Definition of Cloud Computing,” 2009;

http://csrc.nist.gov/groups/SNS/cloud-computing/index.html

[2] M. Armbrust et al “Above the Clouds: A Berkeley View of Cloud Computing,” Univ.

California, Berkeley, Tech. Rep. UCBEECS-2009-28, Feb. 2009.

[3] Amazon.com, “Amazon s3 Availability Event: July 20, 2008,” July 2008;

http://status.aws.amazon.com/s3-20080720.html

[4] M. Arrington, “Gmail Disaster: Reports of Mass Email Deletions,” Dec. 2006;

http://www.techcrunch.com/2006/12/28/gmail-disaster-reports-of-mass email-deletions/

[5] M. Krigsman, “Apple’s MobileMe Experiences Post-Launch Pain,” July 2008;

http://blogs.zdnet.com/projectfailures/?p=908

[6] A. Juels, J. Burton, and S. Kaliski, “PORs: Proofs of Retrievability for Large Files,” Proc.

ACM CCS ‘07, Oct. 2007, pp. 584–97.

[7] G.Ateniese et al et al., “Provable Data Possession at Untrusted Stores,” CCS ’07 , Oct.

2007, pp. 598–609.

[8] M. A. Shah et al., “Auditing to keep Online Storage Services Honest,” USENIX HotOS

‘07, May 2007.

[9] G. Ateniese et al ., “Scalable and Efficient Provable Data Possession,” ., “Scalable and

Efficient Provable Data Possession,” SecureComm ’08 , Sept. 2008.

[10] H. Shacham and B. Waters, “Compact Proofs of Retrievability,” Crypt ’08 , LNCS, vol.

5350, Dec. 2008, pp. 90–107.

55

Page 56: APPENDIX 1 final

SMIT

[11] K. D. Bowers, A. Juels, and A. Oprea, “Hail: A High-Availability and Integrity Layer

for Cloud Storage,” Proc. ACM CCS ’09 , Nov. 2009, pp. 187–98.

[12]C.Wang et al .,”Ensuring Data Storage Security in Cloud Computing,” IWQoS ‘09, July

2009, pp. 1–9.

[13] Q. Wang et al., “Enabling Public Verifiability and Data Dynamics for Storage Security

in Cloud Computing,” Proc. ESORICS ‘09

, Sept. 2009, pp. 355–70.

[14] C. Erway et al ., “Dynamic Provable Data Possession,” Proc. ACM CCS ’09 Nov. 2009,

pp. 213–22.

[15] C. Wang et al. ., “Privacy-Preserving Public Auditing for Storage Security in Cloud

Computing,” Proc. IEEE INFOCOM ‘10

Mar 2010

[16] R. C. Merkle, “Protocols for Public Key Cryptosystems,” Proc. IEEE Symp. Security

privacy 1980

[17] 104th United States Congress, “Health Insurance Portability and Accountability Act of

1996 (HIPAA),” 1996; http://aspe.hhs.gov/admnsimp/pl104191.htm

[18] D. Boneh et al., ., “Aggregate and Verifiably Encrypted Signatures from Bilinear Maps,”

Proc. EuroCrypt ‘03, LNCS, vol. 2656, May 2003, pp. 416–32.

56