Cloud

Uploaded by

vijaybeast1346

CHAPTER 1

INTRODUCTION

1.1 Introduction

Cloud computing is a style of computing in which resources are provided as services over the internet. There are three types of services in cloud computing that are used to deploy an application on the cloud. Data on the cloud becomes more scalable, reliable and secure. The big players in cloud computing are Amazon, Google, Microsoft and IBM. Cloud computing is based on five attributes: shared resources, scalability, pay as you use, elasticity and self-provisioning of resources. Most enterprises are shifting their applications to the cloud owing to its speed of implementation and deployment, improved customer experience, scalability, and cost control. The services in cloud computing are SaaS, PaaS and IaaS, of which we use the PaaS and IaaS services to deploy the application on the cloud in our project. This service exhibits five essential characteristics, such as rapid elasticity, resource pooling, on-demand self-service and broad network access.

Data is transmitted between two clouds, so to secure the data most systems use a combination of techniques, including:
• Encryption - It is used to encode the data in such a way that a third party will not be able to hack that data.
• Authentication - It is used to create a separate user ID and password so that only authorized users are able to access the data.
• Separation of duties - Access is provided to users according to their priority.

Achieving these security parameters increases performance and provides a higher level of security. Cloud computing is mainly used to improve data-handling capability: services and resources are delivered continuously when and where required, which is why cloud computing is in great demand. However, many problems still exist in cloud computing today; a recent survey shows that data security and privacy risks have become the primary concern for people shifting to cloud computing. The cloud is the free space where the application is saved securely and services are provided continuously when and where required.

1.2 Objective

The primary goal of this project is to provide and simulate an effective solution to the challenges and security issues that exist in cloud computing. Cloud computing is the impending need of computing for the IT industry, and it is one of the hottest topics in research. It increases the scalability and flexibility of computing services and is the fastest-growing technology for the IT industry. Because information is transmitted over the network, security is one of the main issues. The application is deployed on the cloud, and for secure transmission of the data we use the ECC algorithm in our project because of its advantages in terms of CPU utilization, encryption time and key size. This project explores the deployment of an application on the cloud and increases the security level by implementing the ECC and ECDH algorithms, and the AES algorithm, for secure file handling and encryption.

1.3 Motivation

Data security has traditionally been an essential issue in computing. Various algorithms have been developed to improve data security, but each has its own issues. Nowadays the traditional algorithms are not well suited to providing security over untrusted communications and data exchange. ECC is increasingly considered an attractive public-key cryptosystem for mobile/wireless environments. Elliptic curve cryptography is one of the more recent public-key cryptosystems used for security. In recent times, the majority of e-commerce applications have been designed using asymmetric cryptography to assure the authentication of the parties concerned. Compared to traditional public-key cryptosystems like RSA or Diffie-Hellman, ECC offers equivalent security with smaller key sizes; this results in faster computation, lower power consumption, as well as memory and bandwidth savings. ECC is particularly useful for mobile devices, which are typically limited in terms of their CPU, power and network connectivity. Therefore, a new encryption standard is required that can fulfil the current need for security and that is extensible as needs change. The proposed work includes the development of a new hybrid algorithm using the ECC, ECDH and AES algorithms along with encryption techniques.

1.4 Definition and overview:

Cloud computing is a fundamental change happening in the field of information technology. It uses internet technologies to deliver IT-enabled capabilities 'as a service' to any users who need them. Cloud computing enables users to access resources over the internet, from anywhere at any time, without worrying about the technical or physical management and maintenance of the underlying resources. The US National Institute of Standards and Technology (NIST) defines the following cloud characteristics: on-demand self-service, ubiquitous network access, resource pooling, rapid elasticity (resources can be scaled up and down easily), metered service (resource usage is measured) and pay-as-you-consume business models. Google Apps is an important example of cloud computing; its services are accessed through the browser and deployed on millions of machines over the Internet. One of the most prominent services offered by cloud computing is cloud storage. Cloud storage is simply a term that refers to online space that you can use to store your data. More strictly, cloud storage is a service model in which data is maintained, managed and backed up remotely and made available to users over a network.

Software as a service (SaaS): The cloud provider deploys, configures, maintains and updates the operation of the software applications on a cloud infrastructure so that the services are provisioned at the expected service levels to cloud consumers. The cloud consumers have limited administrative control of the applications.

Platform as a service (PaaS): The Cloud Provider manages the computing infrastructure for
the platform and runs the cloud software that provides the components of the platform, such
as runtime software execution stack, databases, and other middleware components. The
PaaS Cloud Provider typically also supports the development, deployment and management
process of the PaaS Cloud Consumer by providing tools such as integrated development
environments (IDEs), development version of cloud software, software development kits
(SDKs), deployment and management tools.

Infrastructure as a service (IaaS): The Cloud Provider acquires the physical computing resources underlying the service, including the servers, networks, storage and hosting infrastructure. The Cloud Provider runs the cloud software necessary to make computing resources available to the IaaS Cloud Consumer through a set of service interfaces and computing resource abstractions, such as virtual machines and virtual network interfaces.

The whole idea and definition of this project lies in its name, Secure Cloud: it aims at providing and simulating an effective solution to the challenges and security issues that exist in cloud computing. But first we should look at some of the frequently occurring issues in cloud computing, mostly during the transmission of data. Some of them are discussed below:

• Encryption - The original message sent by the sender is encrypted in such a way that a third party will not be able to hack or misuse the data.
• Intrusion detection and prevention - Data entering and leaving the network has to be known.
• Separation of duties - System misconfiguration takes place due to insufficient communication between the experts.
• Location of data - Every organization has different requirements for where its data is placed and for access control over it. A level of security is required to fulfil the customer's needs.

Sharing of cloud infrastructure could lead to privacy issues. The location of data could influence the privacy obligations for storage and processing of data. Data leakage could also occur due to failure of security access rights. To secure the data stored on the cloud, various security algorithms are available that encrypt the data before transmission in order to protect valuable data from hackers. One of the better solutions for maintaining security is cryptography, which is used to protect the data.

• Public key cryptography - Different keys are used for encryption and decryption.
• Secret key cryptography - The same key is used for encryption as well as decryption.

There are many security algorithms, and each has its own properties, such as key size, throughput, performance, and encryption/decryption time. By comparing the encryption algorithms, we found that the ECC algorithm is one of the best, with a high level of security and better performance.

• Elliptic Curve Cryptography (ECC):
Elliptic curve systems were first proposed in 1985 by Neal Koblitz and Victor Miller. An elliptic curve over a field K has a set of points $(x_i, y_i)$ in a plane. The set is finite and is denoted by E. It is one of the most secure algorithms. ECC is a public key cryptography algorithm in which every user has its own pair of private and public keys. The group operator is an important element of ECC and is denoted by the symbol '+'. The standard form of ECC is given by $y^2 = x^3 + ax + b$ for some fixed values of the parameters a and b. The security of the ECC algorithm depends on the ability to compute new points on the curve and to encrypt these points as the information exchanged between the end users. The group operator is applied to P, which is one of the points on the curve, and the computation proceeds as P+P, P+P+P, ..., which makes it very difficult for a hacker to hack the data.

• Key agreement using the ECDH algorithm:
Both clouds, i.e. Cloud A and Cloud B, agree on a key for the data being transmitted. The agreement between the two parties takes place only when both keys are the same.
1. A selects an integer $X_A = k_1$ as his/her private key. The public key for A is $Y_A = X_A \times P$, which implies that while the private key is an ordinary integer, the public key is a point like P.
2. B does exactly the same thing: it selects an integer $X_B = k_2$ as his/her private key, with the public key for B being $Y_B = X_B \times P$. Then both parties exchange their public keys.
3. A computes the session key as $K_A = X_A \times Y_B = k_1 \times k_2 \times P$.
4. B computes the session key as $K_B = X_B \times Y_A = k_2 \times k_1 \times P$. Obviously, $K_A = K_B$. This proves the agreement for exchanging the data between the two parties and the generation of the public and private keys.

• Key generation: The algorithm generates both the public key and the private key. The sender encrypts the data, and the receiver, i.e. B, decrypts the data using its own private key.
• Encryption: Let m be the message sent from sender A to B. Sender A encodes the message; encryption takes place on the way to transmission, and the data needs only a few nanoseconds to travel to the receiver.
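
The group operator and the four key-agreement steps above, worked through as an added example that is not part of the original report. The curve (p = 17, a = 2, b = 2, base point (5, 1) of order 19), the private keys 3 and 7, the public-key validation step and the SHA-256 derivation of a 256-bit AES key are all assumptions chosen for illustration; the curve is far too small for real use.

```python
"""Toy ECDH on y^2 = x^3 + ax + b over F_p. Teaching-sized curve, not for real use."""
import hashlib
import secrets

# Constructed example parameters (assumptions, not taken from the report).
P_MOD, A, B = 17, 2, 2   # curve y^2 = x^3 + 2x + 2 (mod 17)
G = (5, 1)               # base point, the point P of the text
N = 19                   # order of G: N*G is the point at infinity
INF = None               # identity element of the group operator '+'


def is_on_curve(pt):
    """True if pt is the identity or satisfies the curve equation with reduced coordinates."""
    if pt is INF:
        return True
    x, y = pt
    in_range = 0 <= x < P_MOD and 0 <= y < P_MOD
    return in_range and (y * y - (x * x * x + A * x + B)) % P_MOD == 0


def add(p1, p2):
    """Group operator '+': chord rule for distinct points, tangent rule for doubling."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF                                   # P + (-P) is the identity
    if p1 == p2:
        s = (3 * x1 * x1 + A) * pow((2 * y1) % P_MOD, -1, P_MOD)
    else:
        s = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    s %= P_MOD
    x3 = (s * s - x1 - x2) % P_MOD
    y3 = (s * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def scalar_mult(k, pt):
    """Double-and-add: pt + pt + ... + pt (k terms) in O(log k) group operations."""
    result, addend = INF, pt
    while k > 0:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result


def keypair(private=None):
    """Private key X: integer in [1, N-1]. Public key Y = X * G, a curve point."""
    x = private if private is not None else secrets.randbelow(N - 1) + 1
    if not 1 <= x < N:
        raise ValueError("private key out of range")
    return x, scalar_mult(x, G)


def shared_secret(own_private, peer_public):
    """Steps 3 and 4: K = X_own * Y_peer, after validating the received point."""
    if peer_public is INF or not is_on_curve(peer_public):
        raise ValueError("rejected public key: not a valid curve point")
    point = scalar_mult(own_private, peer_public)
    if point is INF:
        raise ValueError("degenerate shared secret")
    return point


def aes256_key(point):
    """Hash the shared x-coordinate to 32 bytes (stand-in for a real KDF such as HKDF)."""
    return hashlib.sha256(point[0].to_bytes(32, "big")).digest()


def demo():
    xa, ya = keypair(3)            # Cloud A: X_A = k1 = 3, Y_A = 3G
    xb, yb = keypair(7)            # Cloud B: X_B = k2 = 7, Y_B = 7G
    ka = shared_secret(xa, yb)     # K_A = X_A * Y_B
    kb = shared_secret(xb, ya)     # K_B = X_B * Y_A
    return ya, yb, ka, kb


if __name__ == "__main__":
    ya, yb, ka, kb = demo()
    print("Y_A =", ya, "Y_B =", yb)
    print("K_A =", ka, "K_B =", kb, "equal:", ka == kb)
    print("AES-256 key:", aes256_key(ka).hex())
```

Rejecting a received point that is not on the curve matters because the addition formulas never use b, so an unvalidated point would silently move the computation onto a different, possibly weaker curve.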

1.5 Cloud Deployment Models:

A. Public Cloud: The cloud infrastructure is made available to large industry groups and the general public, and is provided by a single service provider.
B. Private Cloud: The organization can store its data on a private cloud. The main advantage of this cloud is security of data and quality of service.
C. Community Cloud: The cloud infrastructure is shared by many organizations.
D. Hybrid Cloud: Two or more clouds combine to form a hybrid cloud.

1.6 Cloud Characteristics:

A. Easy use - Most cloud providers offer simple Internet interfaces, so users can easily access the cloud services.
B. Ubiquitous network access - The cloud provides services through standard terminals such as phones, laptops and mobiles.
C. On-demand service - The cloud is a pool of resources and services, so we can get the services and resources by paying a particular amount as required.
D. Business model - The cloud is a business model because it is pay per use of a service or resource.
E. Pay as you use - Users pay only for the resources they are using. Whenever users need some resources, they pay for the particular resource as and when required.

CHAPTER 2
LITERATURE SURVEY
The literature survey deals with defining the functions of the existing system. To create a new system, we study the prior system and analyse the difficult problems it faces. The disadvantages of the existing system are discussed to pave the way for the proposed system. Then the proposed system is defined for the problem, and its advantages are also defined.

The concept of identity-based encryption (IBE) was introduced by Shamir and conveniently instantiated by Boneh and Franklin. IBE eliminates the need for providing a public key infrastructure (PKI). Regardless of the setting, IBE or PKI, there must be a way to revoke users from the system when necessary, e.g. when the authority of some user has expired or the secret key of some user has been disclosed. In the traditional PKI setting, the problem of revocation has been well studied and several techniques are widely accepted, such as certificate revocation lists or appending validity periods to certificates. However, there are only a few studies on revocation in the setting of IBE. Boneh and Franklin first proposed a natural revocation method for IBE. They appended the current time period to the ciphertext, and non-revoked users periodically received private keys for each time period from the key authority. Unfortunately, such a solution is not scalable, since it requires the key authority to perform work linear in the number of non-revoked users. In addition, a secure channel is essential for the key authority and non-revoked users to transmit new keys. To overcome this problem, Boldyreva, Goyal and Kumar introduced a novel approach to achieve efficient revocation. They used a binary tree to manage identities such that their RIBE scheme reduces the complexity of key revocation to logarithmic (instead of linear) in the maximum number of system users. However, this scheme only achieves selective security. Subsequently, using the aforementioned revocation technique, Libert and Vergnaud proposed an adaptively secure RIBE scheme based on a variant of Waters' IBE scheme, and Chen et al. constructed a RIBE scheme from lattices. Recently, Seo and Emura proposed an efficient RIBE scheme resistant to a realistic threat called decryption key exposure, which means that the disclosure of the decryption key for the current time period has no effect on the security of decryption keys for other time periods. Inspired by the above work, Liang et al. introduced a cloud-based revocable identity-based proxy re-encryption scheme that supports user revocation and ciphertext update. To reduce the complexity of revocation, they used a broadcast encryption scheme to encrypt the ciphertext of the update key, which is independent of users, such that only non-revoked users can decrypt the update key. However, this kind of revocation method cannot resist collusion between revoked users and malicious non-revoked users, as malicious non-revoked users can share the update key with the revoked users. Furthermore, to update the ciphertext, the key authority in their scheme needs to maintain a table for each user to produce the re-encryption key for each time period, which significantly increases the key authority's workload.

2.1 Existing System

In the existing system, data sharing relies on some encryption technique. Firstly, outsourcing data to a cloud server implies that the data is out of the users' control. This may cause users to hesitate, since the outsourced data usually contains valuable and sensitive information. Secondly, data sharing is often implemented in an open and hostile environment, and the cloud server would become a target of attacks. That is, when a user's authorization expires, he/she should no longer possess the privilege of accessing the previously and subsequently shared data.

Disadvantages
• It needs a long training time to construct a well-suited model.
• It is hard to interpret.
• It is less efficient.
• Unfortunately, the existing solution is not scalable, since it requires the key authority to perform work linear in the number of non-revoked users. In addition, a secure channel is essential for the key authority and non-revoked users to transmit new keys.
• However, the existing scheme only achieves selective security.
• This kind of revocation method cannot resist collusion between revoked users and malicious non-revoked users, as malicious non-revoked users can share the update key with the revoked users.
• Furthermore, to update the ciphertext, the key authority in their scheme needs to maintain a table for each user to produce the re-encryption key for each time period, which significantly increases the key authority's workload.

2.2 Proposed System

The procedure of ciphertext update only needs public information. In this paper we propose secure data sharing with identity-based encryption. We provide formal definitions for RS-IBE and its corresponding security model. We prove the security of the proposed scheme in the standard model, under the RSA and AES algorithm. IBE eliminates the need for providing a public key infrastructure (PKI). The proposed scheme can provide confidentiality and backward/forward secrecy simultaneously. In addition, the proposed scheme can withstand decryption key exposure.

After doing the survey and studying the research papers, we found that the major security concerns of cloud computing include data leakage and distributed denial of service (DDoS). Data security can be improved by implementing various symmetric key algorithms so that data on the server is stored in such a manner that even if a person gets access, he cannot open the original data, as it needs to be decrypted. Apart from storage security, enabling authorised access for users may help in avoiding DDoS, as only genuine users will have access to the cloud.

2.3 Problem Statement:

Currently, data security and privacy policy is regarded as one of the biggest concerns in cloud computing. Data stored at remote storage is unsafe and susceptible to being hacked. Because of this, users do not trust the cloud with their data. Cloud consumers want an assurance that they can access their data wherever they want and that no one else is able to get it. Moreover, authentication of users over the cloud is also an important concern to think about.

2.4 Overview of Proposed Solution:

A hybrid model is proposed which is a mixture of elliptic curve cryptography and a symmetric key algorithm. ECC is used for user verification and to keep private data secure. The AES algorithm allows users to store and access their data securely in the cloud by encrypting the data on the client side and decrypting it after downloading from the cloud. Since the private key is owned by the user of the data, no one else can decrypt the data, even if a hacker obtains it through some approach. Moreover, the user securely authenticates by using different input parameters at the time of login to the cloud server. This scheme can assure users about the security of data stored in the cloud. Here, we apply the ECC and ECDH algorithms, which provide the same level of security as other public key cryptosystems with a smaller key size and strengthen the security of the algorithm.

Benefits are:

• Proper access mechanism to avoid unauthorised access to the information system.
• Secure storage and access of data over the cloud.

Advantages
• It is more efficient.
• It can analyse unauthorized data.
• It is an asymmetrical process for encryption and decryption.
• We provide formal definitions for RS-IBE and its corresponding security model.
• We present a concrete construction of RS-IBE.
• The proposed scheme can provide confidentiality and backward/forward secrecy simultaneously.
• We prove the security of the proposed scheme in the standard model, under the decisional ℓ-Bilinear Diffie-Hellman Exponent (ℓ-BDHE) assumption. In addition, the proposed scheme can withstand decryption key exposure.
• The procedure of ciphertext update only needs public information. Note that no previous identity-based encryption schemes in the literature can provide this feature.
• The additional computation and storage complexity brought in by forward secrecy is upper bounded by $O(\log(T)^2)$, where T is the total number of time periods.

2.5 Feasibility Study

The project simulates a model that is already quite common for consumer apps like email and photo sharing, and for certain business applications. In this project, however, we present a way to secure the data using different compression and encryption algorithms and to hide its location from the users who store and retrieve it. As with the Internet, on-demand applications have grown so ubiquitous that almost every business user interacts with at least one, whether it's an email service, a web conferencing application, or a file hosting system. The data is stored at multiple places over the information space (over the Internet). This sounds similar to file hosting websites, which store the data uploaded by different users so that it can be retrieved using proper authentication. The only difference is that the system this project targets is application-based and runs on the client's own system. This application will allow users to upload files of different formats securely to the cloud, with security features including encryption and compression.

The uploaded files can be accessed from anywhere using the application provided. We believe this system serves as a foundation for future work in integrating and securing information sources across the World Wide Web.

2.6 Methodology

As computer science students, our task is to figure out which platform components will allow us to build all of these features. The system architecture shows the core design of the application. The system serves the purpose of file hosting and hence requires a server that holds data. Multiple clients can log in to the server and share files. The system should work in the flow shown below:

• The user registers on the website, then downloads and installs the application.
• The user logs in through the application and performs the operations he or she wants.
• The database is in 3rd normal form.
• Data compression by zipping, up to 70%.
• Data size is 4 MB with full binary support.
• The existing system is updated from 3 tiers to N tiers, which improves security.
• The 256-bit AES encryption algorithm is used for file security.
• The proposed system is multi-cloud compatible, that is, it is independent of backend services and infrastructure.

All the quality attributes are taken into consideration, and it comprises all persistent systems standards.

CHAPTER 3
OVERALL DESCRIPTION
3.1 Project Perspective
We have in mind a hybrid model that is a mixture of elliptic curve cryptography and a symmetric key algorithm. ECC is used for user verification and to keep private data secure. The AES algorithm (or whichever gives the best results) allows users to store and access their data securely in the cloud by encrypting the data on the client side and decrypting it after downloading from the cloud.

Since the private key is owned by the user of the data, no one else can decrypt the data. Even though hackers can get the data through some approaches, they will not be able to access it. Moreover, the user securely authenticates by using different input parameters at the time of login to the cloud server. This scheme can assure users about the security of data stored in the cloud. Here, we apply the ECC and ECDH algorithms, which provide the same level of security as other public key cryptosystems with a smaller key size and strengthen the security of the algorithm.

The benefits are a proper access mechanism to avoid unauthorised access to the information system, and secure storage and access of data. The model would be hosted on a website. The website is designed with an average user in mind, so that he can understand its functioning easily and does not have to struggle with a complex design. The simple design makes it very easy for any user to access the website and make full use of the product.

This is the landing page of the web application, the very first page that is visible when the app is launched in the browser on the user's system. This page tells the user about the application and lets the user choose between first-time registration and login. Along with this, the page contains tabs for the download and upload sections. It contains the app logo and tag line, makes the user aware of the goal of the application in a short period of time, and enhances aesthetic value.

3.2 Registration

This is the registration page of the application, which is displayed when the user is using the application for the first time or does not have a user account. The form takes the user's full name, email address, mobile number, DOB and gender as input to store the user's information and validate the user before giving access to the app data. It first checks for all possible errors in the credentials on the client side itself using regular expressions and pattern matching. Later, if the data passes all the test cases, it is sent to the server side, which validates the details and stores them in the database to create a working profile of the user.

3.3 Key Exchange

This is the key exchange page of the application. Using the ECC algorithm, both the public key and the private key are generated. The sender encrypts the data, and the receiver, i.e. B, decrypts the data using its own private key. The form takes the registration number along with the secret key for a successful key exchange.

3.4 Generate user ID

This is the 3rd stage of the registration process itself. Here the ECDH key agreement has been generated automatically, and an OTP (one-time password) is sent to the email address given by the user in stage one of the registration. The app takes the OTP as input and, after proper validation of both fields, passes control to the next stage of new user registration.

3.5 User ID Log In

On successful validation, the application generates a unique User ID. The user is requested to save
this ID as, once the registration is done, the user will be using just the User ID generated here and
the secret key entered earlier to use all the features and perform validation further in the
application. The new user registration completes here and now the user can easily login to access
his profile and use all the features of the application.

3.6 Login

This is the Login page of the application which is loaded when the user clicks on the login tab
button. The page consists of a simple form which inputs the User ID of the user generated during
registration process and the OTP which is immediately sent to the user’s email address as soon as
he clicks on ‘Request for OTP’ button in the form. Later, both the values in the fields are validated
over the server with the values in the database and if successful the user is taken to the next page
that is Dashboard of the application, else error is generated.
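
One way the server-side OTP check for this login step could be written, as an added example that is not the project's own code. The `OtpStore` class, the five-minute lifetime, the five-attempt limit and the keyed digest stored in place of the plain OTP are assumptions; the report only says that the User ID and OTP are validated against values in the database.

```python
"""Server-side check for the login step: User ID plus an e-mailed one-time password."""
import hashlib
import hmac
import secrets
import time

OTP_TTL_SECONDS = 300   # assumption: the report does not state an OTP lifetime
MAX_ATTEMPTS = 5        # assumption: the report does not state a retry limit


class OtpStore:
    """Hypothetical in-memory stand-in for the OTP table in the application's database."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._server_key = secrets.token_bytes(32)   # keys the stored digests
        self._pending = {}   # user_id -> [digest, expires_at, attempts_left]

    def _digest(self, user_id, otp):
        # Store a keyed digest bound to the User ID instead of the OTP itself.
        msg = f"{user_id}:{otp}".encode()
        return hmac.new(self._server_key, msg, hashlib.sha256).digest()

    def issue(self, user_id):
        """Create a fresh 6-digit OTP for the caller to e-mail; replaces any older one."""
        otp = f"{secrets.randbelow(10**6):06d}"
        expires_at = self._clock() + OTP_TTL_SECONDS
        self._pending[user_id] = [self._digest(user_id, otp), expires_at, MAX_ATTEMPTS]
        return otp

    def verify(self, user_id, otp):
        """Return True once for the right OTP; expired, reused or over-tried codes fail."""
        entry = self._pending.get(user_id)
        if entry is None:
            return False
        digest, expires_at, attempts_left = entry
        if self._clock() > expires_at or attempts_left <= 0:
            del self._pending[user_id]
            return False
        entry[2] = attempts_left - 1                  # count this attempt
        if hmac.compare_digest(digest, self._digest(user_id, otp)):
            del self._pending[user_id]                # single use
            return True
        return False
```

The attempt counter is what keeps a six-digit code from being guessed by enumeration, and the constant-time comparison avoids leaking how much of a guess matched.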

3.7 My Account

This is the dashboard page of the application. When the user successfully logs in to the app for the first time, he is taken to the My Account section, where he is shown the current details of his account stored in the database and is given an opportunity to update any field if required and click the submit button to save. The dashboard page serves as a navigation page: from here the user can go to the encryption, decryption, download and upload sections and can log out of the app when the work is done.

3.8 Encryption

This is the file encryption page of the application. If the user wishes to upload a file to the cloud application and encrypt it to ensure security, he hits the encryption tab. Next he is asked to enter the encryption key, which is the same secret key entered at the time of registration. After that, he is asked to select the file to be uploaded from the local system on which the application is running. Lastly, he clicks submit to encrypt and save the file.

So far in this project we have completed the following modules: 3-step registration, local database modelling and development, key generation and OTP generation along with form validation at each level, the complete login module, and the user interface of the application. Currently, we are working on the file encryption and file handling module of the project. Apart from this, we have to complete the file encryption-decryption keys, secure file downloading, the implementation of the AES algorithm, and complete testing and load balancing of the application.

3.9 Constraints And Assumption

Following are the constraints of Secure Cloud Simulation:

• The software is only available on the web.
• The project implements a security model and shows the simulation.
• To use this model in real time, a lot of modifications will be needed.
• The project will be tested against a certain set of test cases only.

Following are the assumptions:

• The user has good knowledge of operating a computer and web application.
• The computer system has an internet and/or LAN connection enabled.
• It is mandatory for the internet to be turned on and active.
• The user device has enough memory available for installation and proper functioning of the application.

CHAPTER 4

SOFTWARE REQUIREMENTS SPECIFICATION


4.1 User Interface

• Platform – Desktop or mobile browser
• Display – 1024x768 or higher, 1366x768 recommended
• Color – 16 million colour display
• JavaScript-enabled browser
• Latest video and supported graphics drivers

4.2 Hardware Interface

• Processor – i3/i5/i7, x64 bit, minimum 2 GHz
• Hard Disk – 8 GB + at least 2 GB for the relational database system
• Memory – 2 GB RAM minimum, 4 GB RAM recommended
• High-speed Internet access
• LAN connection with Ethernet

4.3 Software Interface

• Linux / Windows OS, Ubuntu 16.04 preferred
• JDK 7 or above
• NetBeans IDE
• Relational database server, MySQL preferred
• Apache Tomcat server

4.3.1 Tools And Technologies


JAVA Programming Language

Java is a programming language and computing platform first released by Sun Microsystems in
1995. There are lots of applications and websites that will not work unless you have Java installed,
and more are created every day. Java is fast, secure, and reliable. From laptops to data centres,
game consoles to scientific supercomputers, cell phones to the Internet, Java is everywhere.

Features of JAVA:

It is a general purpose, high-level programming language developed by Sun Microsystems.

• It encourages error-free programming by being strictly typed and performing run-time checks.
• It provides integrated support for multithreaded programming.
• It provides a secure means of creating Internet applications.
• It is not tied to a specific machine or operating system architecture.
• Its programs carry with them substantial amounts of run-time type information that is used to verify
and resolve accesses to objects at run time.
• Java programs can be transferred over the World Wide Web (e.g., applets).

JavaScript
JavaScript, often abbreviated as JS, is a high-level, interpreted programming language that conforms
to the ECMAScript specification. It is a language that is also characterised as dynamic, weakly
typed, prototype-based and multi-paradigm. Alongside HTML and CSS, JavaScript is one of the
three core technologies of the World Wide Web.

Apache Tomcat
• Apache Tomcat is an open source application.
• It provides a pure Java HTTP web server environment.
• Java code can execute easily.
• It has high performance with minimum computational
• It supports the web services standards.

Database MySQL
MySQL is the world's most popular open source database, with proven performance, reliability
and ease of use. MySQL has become the leading database choice for applications used by
high-profile web properties. It is also an extremely popular choice as an embedded database,
distributed by thousands of ISVs and OEMs.

HTML
HTML stands for HyperText Markup Language, which is used to build web pages displayed in a
browser. Each retrieval unit is known as a web page. It is the most widely used language for
developing web pages.

CSS
CSS stands for Cascading Style Sheets, a language used for describing the presentation of a document
written in a markup language such as HTML or XML. CSS is used to control the style of a web
document in a simple and easy way.

Spring Tool
Spring Tool Suite is an IDE for developing Spring applications. It is an Eclipse-based environment to
implement, run, deploy and debug the application. It validates the application and provides quick
fixes for it.

4.4 Functional Requirement


The functional requirement part discusses the functional behaviour that should be possessed by
the system. Each requirement maps to a higher-level function that transforms the given set of input
data into output data. The functional requirements can be identified as the modules involved.
These modules perform separate functions based on the given input and return output data for the
next level. Each module acts as an independent entity, but the output it produces is
intermediate data for other modules.

Different types of functional requirements possessed by the system are:

1. Introduction Module
2. Registration Module
3. Key Exchange Module
4. ID Generation Module
5. Login Module

Module 1: Introduction Module

• Purpose – A brief introduction. It is intended to be engaging and to communicate the theme of the
cloud application to the user.
• Inputs – No input is necessary.
• Outputs – Immediately load the Main Menu Screen (Registration Screen).

Module 2: Registration Module

• Purpose – The central point after connection establishment. The menu responds to user clicks and
details are sent to the server.
• Inputs – Username, Mobile Number, Email and DOB fields are displayed, along with a submit button.
• Outputs – Control is passed to the key exchange page with a random registration created.

Module 3: Key Exchange Module

• Purpose – For ECDH-equivalent key exchange.
• Inputs – Secret Private Key for exchange.
• Outputs – ECDH Key is generated and OTP sent to mail ID.

Module 4: ID Generation Module

• Purpose – For user ID generation. Generation of user ID. Accessing the cloud storage. Fresh OTP
sent to email ID.
• Inputs – OTP from email ID in the text field. User ID and OTP Request.
• Outputs – Random user ID is generated. OTP verification and redirecting to user account.

Module 5: Login Module

• Purpose – To check the credentials of the user, log him in if they are correct, and grant access
to his account.
• Inputs – User ID and the OTP sent to the user’s email ID.
• Outputs – Immediately load the Profile Screen if the credentials match.

4.5 Non-Functional Requirements

A careful specification of, and adherence to, non-functional requirements such as performance,
security, privacy and availability is crucial to the success or failure of any software system.

1. Performance Requirements

• The capability of the application depends on the performance of the servers. Anyone can use the
application easily because of good GUI.
• The application can take any number of users provided the database size is large enough. It
depends on the available memory space in database.
• On mobile devices and laptops, the battery is a scarce and valuable resource. The battery should
remain maximally available for the application to perform well. Your application may therefore
fall by the wayside or even get uninstalled by the user, if it drains too much battery.
• The text font size may need to be adjusted up (for high resolution screens) or down (for low
resolution screens) so as to keep the text readable.

2. Safety Requirements

• The layout may need to be taken care of and adjusted to increase or decrease the spacing between
and around labels and widgets shown on the screen so as to prevent them from getting clustered
together on high-res screens or spaced apart too much on low-res screens.
• Any images used in the project have to be provided in two different versions: a large size/high
resolution version and a small size/low resolution version so that it properly fills the amount of
physical space available on the screen.

3. Security Requirements

• Although security is the utmost priority and has been given the most care, care must still be taken
against virus and malware threats.
• This application will be available for all the users within the Internet. The system server should be
up for 365 days and the downtime should be minimized in case of any attack or difficulties.
• A firewall should be used on the user’s system to prevent any suspicious activity.

4. Software Quality Attributes

• 24x7 availability of the system with suitable updating at regular intervals of time. Users are asked
to sign up for the application in order to maintain the integrity of the data and ensure the security
of the database.
• Form validation so that only real users access the system. An error message should be displayed
in case of improper working of the application.
• The email ID entered should be valid, as the OTP is sent to that email ID.
• The application can be accessed at any place that has Internet connectivity.
• Always save the data before closing the website.
• 24 hours availability of internet connection is required.

CHAPTER 5

SYSTEM DESIGN

Overall Display Of The Project

5.1 Architecture Diagram

The architecture of secure data storing and resource allocation in Cloud Computing is shown in
Fig 5.1. Different users first register in the cloud. The security provider checks the authentication
of the user to upload a file of the owner by generating a private key. The encrypted file is stored in
the cloud server. Worldwide end clients access the file with permission of the respective file owner.
Any file requested by an authorized user is checked against the availability of the resource in the
cloud storage. The resource availability is stored in a separate file, called the reliability check. The
virtual machine either allocates the resources or the resources are not allocated. If the file is present,
the end user easily receives the file; if the file is corrupt, the file is regenerated and delivered to
the end user based on demand. Security is provided by encrypting the private key.

Fig 5.1

5.2 Sequence Diagram

A sequence diagram in Unified Modeling Language (UML) is a kind of interaction diagram that
shows how processes operate with one another and in what order. It is a construct of a Message
Sequence Chart. Sequence diagrams are sometimes called event diagrams, event scenarios, and
timing diagrams.

Fig 5.2

5.3 Data Flow Diagram

A data flow diagram (DFD) is a graphical representation of the “flow” of the data through an
information system, modeling its process aspects. A DFD is often used as a preliminary step to
create an overview of the system without going into great detail, which can later be elaborated.
DFDs can also be used for the visualization of data processing (structured design).

Fig 5.3

LEVEL 0 DFD

LEVEL 1 DFD

LEVEL 2 DFD

5.4 Use Case Diagram

A use case diagram in the Unified Modelling Language (UML) is a type of behavioural diagram
defined by and created from a Use-case analysis. Its purpose is to present a graphical overview of
the functionality provided by a system in terms of actors, their goals (represented as use cases),
and any dependencies between those use cases. The main purpose of a use case diagram is to show
what system functions are performed for which actor. Roles of the actors in the system can be
depicted.

Fig 5.4

5.4 CLASS TABLES

CHAPTER- 6

SYSTEM TESTING

The purpose of testing is to discover errors. Testing is the process of trying to discover every
conceivable fault or weakness in a work product. It provides a way to check the functionality of
components, sub-assemblies, assemblies and/or a finished product. It is the process of exercising
software with the intent of ensuring that the software system meets its requirements and user
expectations and does not fail in an unacceptable manner. There are various types of test. Each test
type addresses a specific testing requirement.

6.1.1 TYPES OF TESTS

6.1.2 Unit testing

Unit testing involves the design of test cases that validate that the internal program logic is
functioning properly, and that program inputs produce valid outputs. All decision branches and
internal code flow should be validated. It is the testing of individual software units of the
application. It is done after the completion of an individual unit, before integration. This is
structural testing that relies on knowledge of the unit's construction and is invasive. Unit tests perform
basic tests at component level and test a specific business process, application, and/or system
configuration. Unit tests ensure that each unique path of a business process performs accurately to
the documented specifications and contains clearly defined inputs and expected results.

6.1.3 Integration testing

Integration tests are designed to test integrated software components to determine if they actually
run as one program. Testing is event driven and is more concerned with the basic outcome of
screens or fields. Integration tests demonstrate that although the components were individually
satisfactory, as shown by successful unit testing, the combination of components is correct and
consistent. Integration testing is specifically aimed at exposing the problems that arise from the
combination of components.

6.1.4 Functional Testing

Functional tests provide systematic demonstrations that functions tested are available as specified
by the business and technical requirements, system documentation, and user manuals. Functional
testing is centered on the following items:

A. Valid Input : identified classes of valid input must be accepted.
B. Invalid Input : identified classes of invalid input must be rejected.
C. Functions : identified functions must be exercised.
D. Output : identified classes of application outputs must be exercised.
E. Systems/Procedures : interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements, key functions, or
special test cases. In addition, systematic coverage pertaining to identified business process flows,
data fields, predefined processes, and successive processes must be considered for testing. Before
functional testing is complete, additional tests are identified and the effective value of current
tests is determined.

6.1.5 System Testing

System testing ensures that the entire integrated software system meets requirements. It tests a
configuration to ensure known and predictable results. An example of system testing is the
configuration oriented system integration test. System testing is based on process descriptions and
flows, emphasizing pre-driven process links and integration points.

6.1.6 White Box Testing

White Box Testing is testing in which the software tester has knowledge of the inner
workings, structure and language of the software, or at least its purpose. It is used to
test areas that cannot be reached from a black box level.

6.1.7 Black Box Testing

Black Box Testing is testing the software without any knowledge of the inner workings, structure
or language of the module being tested. Black box tests, like most other kinds of tests, must be
written from a definitive source document, such as a specification or requirements document.
It is testing in which the software under test is treated as a black box: you cannot “see” into it.
The test provides inputs and responds to outputs without considering how the software works.

6.1.8 Acceptance Testing

User Acceptance Testing is a critical phase of any project and requires significant participation by
the end user. It also ensures that the system meets the functional requirements.

TestCase Name | TestCase Description | Step | Expected | Actual | Test Case Status
Upload file | User has to upload | If we uploaded the | Encrypted file uploaded successfully | Encrypted file uploaded successfully | Pass
Update file | User has to update | If we updated the | File is updated successfully | File is updated successfully | Pass
View file | User can view the | Files are uploaded | User can view the | User can view the | Pass
Secret key | We get secret from auditor | Secret key should be entered | Secret key has been sent to email id | Secret key has been sent to email id | Pass
Verification of secret key | We have to enter secret key | Secret key has been sent to email id | Verified successfully | Verified successfully | Pass
Download file | If user want to download the | User download by entering secret | Downloaded Successfully | Downloaded Successfully | Pass

Test Results:

All the test cases mentioned above passed successfully. No defects were encountered.

CHAPTER-7

SYSTEM FEATURES

Fig. 7

This is the landing page of the web application – the very first page which is visible when the app
is launched in the browser of the user’s system. This page lets the user know about the application
and lets the user choose between the first-time registration and login features. Along with this, the
page also contains tabs for the download and upload sections. It contains the app logo and tag line,
makes the user aware of the goal of the application in a short period of time, and enhances aesthetic
value.

7.1 AUTHENTIC REGISTRATION OF THE USER

Fig. 7.1

This is the Registration Page of the application, which is displayed when the user is using the
application for the first time or does not possess a user account. The form here takes the user’s full
name, email address, mobile number, DOB and gender as input to store the user’s information and
validate the user before giving access to the app data. It first checks for all possible errors in the
credentials on the client side itself using regular expressions and pattern matching. Later, if the
data passes all the test cases, it is sent to the server side to validate and store the details in the
database to create a working profile of the user.

Fig. 7.1

This is the Key Exchange page of the application. Using the ECC algorithm, both a public key and a
private key are generated. Here the sender is used to encrypt the data and the receiver, i.e. B, is used
to decrypt the data by using its own private key. The form here takes the registration number along
with the secret key for successful key exchange.

Fig. 7.1

This is the 3rd stage of Registration process itself. Here ECDH key agreement has been
automatically generated successfully and OTP (one time password) is sent to the email address
given by the user on stage one of the registration. The app takes OTP as input and after proper
validation of both the fields, it passes the control to the next stage of new user registration.

Fig. 7.1

On successful validation, the application generates a unique User ID. The user is requested to save
this ID as, once the registration is done, the user will be using just the User ID generated here and
the secret key entered earlier to use all the features and perform validation further in the
application. The new user registration completes here and now the user can easily login to access
his profile and use all the features of the application.

7.2 Preventing DDOS Attack Using Secure Login Via OTP

Fig 7.2

This is the Login page of the application which is loaded when the user clicks on the login tab
button. The page consists of a simple form which inputs the User ID of the user generated during
registration process and the OTP which is immediately sent to the user’s email address as soon as
he clicks on ‘Request for OTP’ button in the form. Later, both the values in the fields are validated
over the server with the values in the database and if successful the user is taken to the next page
that is Dashboard of the application, else error is generated.
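
The server-side OTP check described above, as an added example that is not the project's own code. It assumes a 6-digit code, a 5-minute lifetime and three attempts per code; the class and method names and the in-memory map standing in for the database table are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;

public class OtpLoginDemo {
    static final long TTL_MS = 5 * 60 * 1000L; // assumed lifetime of one OTP
    static final int MAX_ATTEMPTS = 3;         // assumed guesses allowed per OTP

    private static final class Pending {
        final byte[] hash;
        final long expiresAt;
        int attempts;
        Pending(byte[] hash, long expiresAt) { this.hash = hash; this.expiresAt = expiresAt; }
    }

    private final SecureRandom rng = new SecureRandom();
    // Stands in for the database table that holds the pending OTP per User ID.
    private final Map<String, Pending> store = new HashMap<>();

    // Only a hash is stored, so the code itself is not readable from the table.
    // The short lifetime and the attempt cap are what stop guessing.
    private static byte[] hash(String userId, String otp) {
        try {
            return MessageDigest.getInstance("SHA-256")
                    .digest((userId + ":" + otp).getBytes(StandardCharsets.UTF_8));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        }
    }

    /** Creates a fresh 6-digit OTP, replacing any earlier one; the return value is what gets e-mailed. */
    public synchronized String issue(String userId, long nowMs) {
        String otp = String.format("%06d", rng.nextInt(1_000_000));
        store.put(userId, new Pending(hash(userId, otp), nowMs + TTL_MS));
        return otp;
    }

    /** True only for the current, unexpired, not yet used OTP within the attempt limit. */
    public synchronized boolean verify(String userId, String otp, long nowMs) {
        Pending p = store.get(userId);
        if (p == null || otp == null) return false;
        if (nowMs > p.expiresAt || ++p.attempts > MAX_ATTEMPTS) {
            store.remove(userId);            // expired or locked out: a new OTP must be requested
            return false;
        }
        boolean ok = MessageDigest.isEqual(p.hash, hash(userId, otp)); // constant-time compare
        if (ok) store.remove(userId);        // single use: a replayed OTP fails
        return ok;
    }

    public static void main(String[] args) {
        OtpLoginDemo svc = new OtpLoginDemo();
        String user = "USER-ID-PLACEHOLDER"; // constructed sample value
        long t0 = System.currentTimeMillis();

        String otp = svc.issue(user, t0);
        String wrong = otp.equals("000000") ? "111111" : "000000";
        System.out.println("wrong guess   : " + svc.verify(user, wrong, t0));
        System.out.println("correct OTP   : " + svc.verify(user, otp, t0));
        System.out.println("replayed OTP  : " + svc.verify(user, otp, t0));

        otp = svc.issue(user, t0);
        System.out.println("expired OTP   : " + svc.verify(user, otp, t0 + TTL_MS + 1));

        otp = svc.issue(user, t0);
        wrong = otp.equals("000000") ? "111111" : "000000";
        for (int i = 0; i < MAX_ATTEMPTS; i++) svc.verify(user, wrong, t0);
        System.out.println("after lockout : " + svc.verify(user, otp, t0));
    }
}
```

Only the first correct submission succeeds; the replayed, expired and locked-out cases are all rejected and force a new OTP request.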

Fig. 7.2

Here a confirmation message is shown to verify that the OTP is successfully delivered to the
registered email ID of the user.

Fig. 7.2

This is the Dashboard Page of the application. When the user is able to successfully log in to the
app for the first time, he is taken to the My Account section, where he is shown the current details
of his account stored in the database and is given an opportunity to update any field if required and
click on the submit button to save. The dashboard page serves as a navigation page, as from here the
user can go to the encryption, decryption, download and upload sections and can log out from the
app when the work is done.

7.3 File Uploading And Downloading With AES Encryption

Fig. 7.3

This is the File Encryption page of the application. If the user wishes to upload a file to the cloud
application and encrypt it to ensure security, he would hit the encryption tab. Next he is asked to
enter the encryption key, which is the same secret key entered at the time of registration.
After that, he is asked to select the file to be uploaded from his local system on which the
application is running. Lastly, click on submit to process the encryption and saving of the file.

Fig. 7.3

This is the final dashboard of the user’s account. Now after the encryption and uploading of the
file is completed, the user can go to the decryption section, enter the respective AES key that was
generated and given to him, and select the file to download. After this, the chosen file is decrypted
and ready for download. The downloading would start as soon as the user hits the download
button.

CHAPTER- 8

SCREENSHOTS

Homepage

Home Of The Project

Registration Page

Key Exchange

Generate User ID

User ID Log ID

LOGIN

My Account

Encryption

Download File

CHAPTER 9

CONCLUSION

The project simulates a model that is already quite common for consumer apps like email and
photo sharing, and for certain business applications. But in this project, we present a way to secure
the data using different security techniques and efficient encryption algorithms to secure the file
along with its location from the users that store and retrieve it. As with the Internet, on-demand
applications have grown so ubiquitous that almost every business user interacts with at least one,
whether it's an email service, a Web conferencing application, or a file hosting system. The data is
stored at multiple places over the information space (over the Internet). It sounds similar to file
hosting websites, which store the data that is uploaded by different users and can be
retrieved using proper authentication. The only difference is that the system for which the project is
targeted is an application-based system which will run on the client's own system. This
application will allow users to upload files of different formats with security features including
encryption, secure OTP verification, and secure uploading and downloading over the cloud. This
prototype works using a mixture of elliptic curve cryptography and a symmetric key algorithm.
ECC is used to achieve the process of user verification and to keep the private data secure. The AES
algorithm is used to allow users to store and access their data securely in the cloud by
encrypting the data on the client side and decrypting the data after downloading it from the cloud.
Since the private key is owned by the user of the data, no one else can decrypt the data, even if
a hacker obtains the data through some approach. The uploaded files can be accessed from
anywhere using the application which is provided. We believe this system serves as a foundation
for future work in integrating and securing information sources across the World Wide Web.

CHAPTER -10

FUTURE ENHANCEMENT

To minimize the processing time taken in all the encryption-decryption processes by using
professional hosting services and even better implementation of the security model.

