DGPDP

A
Project Report
On
Dynamic Group-Oriented Provable Data Possession in the Cloud
Submitted In partial fulfillment of the Requirements
for the award of the degree of
BACHELOR OF TECHNOLOGY
in
COMPUTER SCIENCE & ENGINEERING
Submitted by
C.INDIRA (20BG1A0514)
S.NIKITHA (20BG1A0553)
C.SAI KUMARI (20BG1A0513)
L.ANUSHA (20BG1A0535)
B.NAGA JYOTHI (20BG1A0504)
M.SUPRIYA (17BG1A0523)
Under the Guidance of

Mrs. J.KALYANI MCA
Assistant Professor,DEPT of CSE
DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

SRI VENKATESWARA INSTITUTE OF SCIENCE AND
TECHNOLOGY
TADIGOTALA (V), YSR KADAPA DISTRICT, AP- 516003
Approved by AICTE New Delhi and Affiliated to JNTUA,
Anantapuram.
2020-2024
SRI VENKATESWARA INSTITUTE OF SCIENCE AND
TECHNOLOGY
BONAFIDE CERTIFICATE
Certified that this project report” Dynamic Group-Oriented Provable Data

Possession in the Cloud” is the bonafide work done by “C.INDIRA (20BG1A0514),
S.NIKITHA (20BG1A0553), B.NAGA JYOTHI (20BG1A0504), M.SUPRIYA
(17BG1A0523), L.ANUSHA (20BG1A0535), C.SAI KUMARI (20BG1A0513)”, who
carried out the project under my guidance during the year 2020-2024, towards partial
fulfillment of the requirements of the Degree of Bachelor of Technology in Computer
Science & Engineering from Jawaharlal Nehru Technological University, Anantapur. The
results embodied in this report have not been submitted to any other University for the
award of any degree.
PROJECT GUIDE HEAD OF THE DEPARTMENT
Mrs.J.Kalyani MCA Dr. Shaik Jaffar Hussain Ph.D

Assistant Professor Associate Professor, HoD
Department of CSE. Department of CSE.
Submitted for viva voice examination held on
Internal Examiner External Examiner

ACKNOWLEDGMENT
At every outset, I thank the almighty lord for showering his grace and blessings
upon me to complete this project.
Although our name appears on the cover of this book, many people had
contributed in some form or another form to this project Development. We could not have
done this project without the assistance or support of each of the following we thank you
all.
We wish to show our deep gratitude to my project guide,J.Kalyani MCA,
Assistant Professor, DEPT of CSE for her constant motivation and valuable help
throughout the project work.
We express our gratitude to Dr.Shaik Jaffar Hussain Ph.D,Associate Professor
and Head of the Department for CSE, of Sri Venkateswara Institute of Science and
Technology .
We express our gratitude to Dr.G.Venkata Suresh Babu,M.Tech, Ph.D,
Principal of Sri Venkateswara Institute of Science and Technology for his valuable
suggestions and advices throughout the B.Tech course. We also extend m our thanks to
other faculties for their cooperation during our course.
We express our gratitude to S r i R . V e e r a R e d d y , F o u n d e r o f S r i

V e n k a t e s w a r a I n s t i t u t e o f S c i e n c e a n d T e c h n o l o g y a n d Er.R. Sai
Sharan Reddy, Chairman of Sri Venkateswara Institute of Science and Technology.
We express our gratitude to all the faculties and Dept of CSE for their co
operation to complete this project.
C.Indira (20BG1A0514)
S.Nikitha (20BG1A0553)
PLACE: KADAPA C.Sai Kumari (20BG1A0513)
B.Naga Jyothi (20BG1A0504)
DATE: L.Anusha (20BG1A0535)
M.Supriya (17BG1A0523)
ABSTRACT
As an important security property of cloud storage, data integrity has not been
sufficiently studied under the multi writer model, where a group of users work on
shared files collaboratively and any group member can update the data by
modification, insertion, and deletion operations. Existing works under such multi-
writer model would bring large storage cost to the third-party verifiers. Furthermore,
to the best of our knowledge, none of the existing works for shared files supports fully
dynamic operations, which implies that users cannot freely perform the update
operations.In this paper, we propose the first public auditing scheme for shared data
that supports fully dynamic operations and achieves constant storage cost for the
verifiers. Our scheme, named Prays, is boosted by a new paradigm for remote data
integrity checking. To implement the new paradigm, we proposed a specially
designed authenticated structure, called blockless Merkle tree, and a novel
cryptographic primitive, called permission-based signature. Extensive evaluation
demonstrates that prays is as efficient as the existing less-functional solutions. We
believe that prays is an important step towards designing practical multi writer cloud
storage systems.
TABLE OF CONTENTS
S.NO CHAPTER NAME PAGE NO
1 INTRODUCTION 1
2 LITERATURE 5
SURVEY
3 SYSTEM ANALYSIS 8
3.1 EXISTING SYSTEM 8
3.2 PROPOSED SYSTEM 8
3.3 FEASABILITY 9
STUDY
3.4 MODULES 10
4 H/W AND S/W 11

REQUIRMENT
SPECIFICATIONS
4.1 HARDWARE 11
REQUIRMENTS
4,2 SOFTWARE 11
REQUIREMENTS
5 SYSTEM DESIGN 12
5.1 INTRODUCTION 12
5.2 SYSTEM DESIGN 12

ASPECTS
5.3 UML DIAGRAMS 15
5.3.1 USECASE DIAGRAM 23
5.3.2 CLASS DIAGRAMS 24
5.3.3 SEQUENCE 25
DIAGRAMS
5.3.4 ACTIVITY 26
DIAGRAM
6 IMPLEMENTATION 27
6.1 TECHNOLOGY 27
USED
7 SOURCE CODE 37
8 TESTING 51
8.1 INTRODUCTION 51
8.2 TYPES OF TESTS 51
9 SCREENS 56
10 CONCLUSION 70
11 FUTURE 71
ENHANCEMENT
12 BIBLIOGRAPHY 72
Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 1: Introduction
1. INTRODUCTION
INTRODUCTION
Cloud storage, which provides ubiquitous access to a pool of configurable remote
storage resources on-demand, is an attractive paradigm to both individuals and
enterprises. Along with this convenience, data integrity becomes a major concern about
storage outsourcing, especially considering platform failures and human errors. To
guarantee data integrity in cloud storage services, many relevant cryptographic primitives
have been proposed . Generally, through assigning a cryptographic tag to each data block
of a file and validating it, those primitives allow a verifier (i.e., the data owner or a
special third party) to examine remote data integrity without downloading the whole file,
and therefore reduce the communication cost. However, those primitives are limited to
the single-writer model, where only the data owner can update the data in the cloud. On
the other hand, as online cooperation develops intensively, the multi-writer model, where
shared files could be updated by a group of users for collaboration, is more preferred in
nowadays cloud platforms (e.g., Drop box and Sugar Sync). Protecting data integrity in
the multi-writer cloud storage, i.e., for dynamic shared data, then turns to be an urgent
challenge.Most existing solutions under the multi-writer model simply apply the
paradigm for the single-writer model, under which each data block is signed with a user’s
private key. When user is revoked, all the data blocks signed by that user have to be re-
signed by an unrevoked user or the cloud server . Since the number of data blocks is huge
in the cloud (e.g., 1 TB data can have 2:68 _ 108 data blocks with each block of size 4
kB), these kinds of methods are inefficient in practice.
Some researchers regarded signers’ identities as private under the multi-writer
model, since they could reveal some significant information about the signed (even
encrypted) data. Taking the e-Health records out souring as an example, once the cloud
finds that a patient’s (maybe encrypted) record is signed by an onclogist, the cloud could
infer some private information about that patient, which may violate patient rights. Many
privacy-preserving solutions have been proposed to solve this issue. However,
cooperative users in those solutions cannot determine by themselves who updated the
files stored in the cloud, which is an important function in real world cloud storage
SVIST, Kadapa Department of CSE Page 1

systems (e.g., Drop box and Sugar Sync), called revision history. This means that in the a
fore mentioned example, a doctor is unable to learn who made the previous diagnosis by
himself/herself. In summary, a privacy-preserving integrity checking scheme under the
multi-writer model should achieve anonymity and offline traceability, simultaneously. In
addition, there are two other shortcomings in existing multi-writer solutions. The size of
verification materials in those solutions, such as public keys, depends on the number of
users or data blocks, which may result in unaffordable workload, especially when the
data is huge . That means the verification process only applies to dedicated servers and
not to users’ resource-constrained devices, such as smart phones and laptops. On the
other hand, those solutions do not support fully dynamic operations, which includes
unlimited times of modification , insertions, and deletions of data blocks. Specifically,
some schemes only supports modifications and deletions, but not insertions .
Based on the above discussions, there still lacks an efficient and privacy-preserving
integrity checking scheme under the multi-writer model, in which a group of users are
enabled to outsource and work on (i.e., read and write) shared files collaboratively. In
practice, a preferred data integrity checking design is expected to have the following
features (in addition to integrity):
Fully dynamic operations. This property implies that group members can freely perform
modification, insertion, and deletion operations.
Constant auditing metadata. This property implies that the size of verification materials
maintained by verifiers for integrity checking should be independent of the number of
users and the data size.
Secure user revocation. This property implies that group members can be efficiently
revoked. Further, the system should resist the collusion between revoked users and the
cloud, and between revoked users and third party verifiers.
Anonymity. This property implies that a writer’s identity should not be revealed from
his/her signature to the cloud or third party verifiers.
Traceability. This property implies that users from the same group can identify who
updated the shared data from the signature, i.e., obtaining the revision history, without the
help from any online entity.

In this paper, we follow the line of provable data possession, and propose a
dynamic group-oriented provable data possession scheme, called prays, which holds all
the above-mentioned features. Compared with existing solutions (i.e., generating the tags
and then building the structure), prays is boosted by a new paradigm: building the
structure and then generating the tag. Our main contributions are summarized as follows.
1) We present a customized authenticated structure, named block less Merkle tree.
Compared with the traditional Merkle tree, the proposed structure supports block less
verification (i.e., to check remote data integrity without downloading the challenged data
blocks) through an elaborate process for each data block.
2) We propose a novel cryptographic primitive, named permission-based signature.
Permission-based signature is the first cryptographic primitive that achieves both
anonymity and offline traceability. Further, this primitive could also be used
independently in other privacy preserving applications.
3) We design prays based on the blockless Merkle tree and the permission-based
signature. To the best of our knowledge, prays is the first provable data possession
scheme under the multi-writer model that supports fully dynamic operations as well as
constant auditing metadata.
4) We conduct comprehensive security analysis and extensive evaluations for the
proposed scheme. The results demonstrate that, compared with existing solutions, prays
can perform richer functions (e.g., fully dynamic operations) while maintaining
reasonable computation and communication cost.
The rest of this paper is organized as follows. In Section II, we describe the
models and definitions. We present our solution, called prays, in Section III. We conduct
the security analysis and performance evaluation in Section IV and Section V,
respectively. We review the related work in Section VI, and we conclude this paper and
point out our future work in Section VII.

Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 2: Literature Survey
2. LITERATURE SURVEY
1. H. Wang, D. He, and S. Tang, “Identity-Based Proxy-Oriented DataUploading
and Remote Data Integrity Checking in Public Cloud,” IEEETransactions on
Information Forensics and Security, vol. 11, no. 6, pp.1165–1176, 2016.
More and more clients would like to store their data to public cloud servers
(PCSs) along with the rapid development of cloud computing. New security problems
have to be solved in order to help more clients process their data in public cloud. When
the client is restricted to access PCS, he will delegate its proxy to process his data and
upload them. On the other hand, remote data integrity checking is also an important
security problem in public cloud storage. It makes the clients check whether their
outsourced data are kept intact without downloading the whole data. From the security
problems, we propose a novel proxy-oriented data uploading and remote data integrity
checking model in identity-based public key cryptography: identity-based proxy-oriented
data uploading and remote data integrity checking in public cloud (ID-PUIC). We give
the formal definition, system model, and security model. Then, a concrete ID-PUIC
protocol is designed using the bilinear pairings. The proposed ID-PUIC protocol is
provably secure based on the hardness of computational Diffie-Hellman problem. Our
ID-PUIC protocol is also efficient and flexible. Based on the original client's
authorization, the proposed ID-PUIC protocol can realize private remote data integrity
checking, delegated remote data integrity checking, and public remote data integrity
checking.
2. Y. Yu, M. H. Au, G. Ateniese, X. Huang, W. Susilo, Y. Dai, andG. Min, “Identity-

Based Remote Data Integrity Checking With PerfectData Privacy Preserving for
Cloud Storage,” IEEE Transactions onInformation Forensics and Security, vol. 12,
no. 4, pp. 767–778, 2017.
Remote data integrity checking (RDIC) enables a data storage server, say a cloud
server, to prove to a verifier that it is actually storing a data owner's data honestly. To
date, a number of RDIC protocols have been proposed in the literature, but most of the
constructions suffer from the issue of a complex key management, that is, they rely on

the expensive public key infrastructure (PKI), which might hinder the deployment of
RDIC in practice. In this paper, we propose a new construction of identity-based (ID-
based) RDIC protocol by making use of key-homomorphic cryptographic primitive to
reduce the system complexity and the cost for establishing and managing the public key
authentication framework in PKI-based RDIC schemes. We formalize ID-based RDIC
and its security model, including security against a malicious cloud server and zero
knowledge privacy against a third party verifier. The proposed ID-based RDIC protocol
leaks no information of the stored data to the verifier during the RDIC process. The new
construction is proven secure against the malicious server in the generic group model and
achieves zero knowledge privacy against a verifier. Extensive security analysis and
implementation results demonstrate that the proposed protocol is provably secure and
practical in the real-world applications.
3. Z. Ren, L. Wang, Q. Wang, and M. Xu, “Dynamic Proofs of Retrievabilityfor

Coded Cloud Storage Systems,” IEEE Transactions on ServicesComputing, vol. 11,
no. 4, pp. 685–698, 2018.
Cloud storage allows users to store their data in a remote server to get rid of
expensive local storage and management costs and then access data of interest anytime
anywhere. A number of solutions have been proposed to tackle the verification of remote
data integrity and retrievability in cloud storage systems. Most of existing schemes,
however, do not support efficient data dynamics and/or suffer from security
vulnerabilities when involving dynamic data operations. In this paper, we propose a
dynamic proof of retrievability scheme supporting public auditability and
communication-efficient recovery from data corruptions. To this end, we split up the data
into data blocks and encode each data block individually using outer code and inner code
before outsourcing so that i) an update inside any data block only affects a few codeword
symbols and ii) communication-efficient data repair for a breakdown server can be
achieved and communication overhead for small data corruptions within a server can be
eliminated. Based on the encoded data blocks, we utilize rb23Tree to enforce the data
sequence for dynamic operations, preventing the cloud service provider from

manipulating data block to pass the integrity check in the dynamic scenario. Formal
security analysis and extensive experimental evaluations are conducted, showing that the
proposed scheme is practical for use in cloud storage systems
4. S. Guarino, E. S. Canlar, M. Conti, R. D. Pietro, and A. Solanas,

“Provablestorage medium for data storage outsourcing,” IEEE Transactionson
Services Computing, vol. 8, no. 6, pp. 985–997, 2015.
In remote storage services, delays in the time to retrieve data can cause economic
losses to the data owners. In this paper, we address the problem of properly establishing
specific clauses in the service level agreement (SLA), intended to guarantee a short and
predictable retrieval time. Based on the rationale that the retrieval time mainly depends
on the storage media used at the server side, we introduce the concept of Provable
Storage Medium (PSM), to denote the ability of a user to efficiently verify that the
provider is complying to this aspect of the SLA. We propose PSM as an extension of
Provable Data Possession (PDP): embedding challenge-response PDP schemes with
measurements of the response time, both properties can be enforced without any need for
the user to locally store nor download her data. We describe a realistic implementation of
PSM in a scenario where data should be stored both in RAM and HDD. A thorough
analysis shows that, even for relatively small challenges, the total time to compute and
deliver the response is sensibly affected by the remarkable difference in the access time
of the two supports. An extensive simulation campaign confirms the quality and viability
of our proposal.

5. B. Wang, B. Li, and H. Li, “Panda: Public Auditing for Shared Datawith Efficient
User Revocation in the Cloud,” IEEE Transactions onServices Computing, vol. 8,
no. 1, pp. 92–106, 2015.
With data storage and sharing services in the cloud, users can easily modify and
share data as a group. To ensure shared data integrity can be verified publicly, users in
the group need to compute signatures on all the blocks in shared data. Different blocks in
shared data are generally signed by different users due to data modifications performed
by different users. For security reasons, once a user is revoked from the group, the blocks
which were previously signed by this revoked user must be re-signed by an existing user.
The straightforward method, which allows an existing user to download the
corresponding part of shared data and re-sign it during user revocation, is inefficient due
to the large size of shared data in the cloud. In this paper, we propose a novel public
auditing mechanism for the integrity of shared data with efficient user revocation in
mind. By utilizing the idea of proxy re-signatures, we allow the cloud to re-sign blocks
on behalf of existing users during user revocation, so that existing users do not need to
download and re-sign blocks by themselves. In addition, a public verifier is always able
to audit the integrity of shared data without retrieving the entire data from the cloud, even
if some part of shared data has been re-signed by the cloud. Moreover, our mechanism is
able to support batch auditing by verifying multiple auditing tasks simultaneously.
Experimental results show that our mechanism can significantly improve the efficiency
of user revocation.

Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 3: System Analysis
3. SYSTEM ANALYSIS
3.1 EXISTING SYSTEM
Single-Writer Solutions. Integrity checking in the cloud was first explored under the
single-writer model for personal data management. Juels and Kaliski introduced the
concept of Proof of Retrievability (PoR) and proposed a concrete construction [5].
Unfortunately, their scheme only allows limited times of integrity checking. Ateniese et
al. independently introduced a similar concept, called Provable Data Possession (PDP)
[4]. Their scheme allows unlimited times of integrity checking, and supports public
auditing, which means anyone can check the data integrity. This property is highly
preferred since users can delegate the checking capability to third-party verifiers for
alleviating the computation burden. Nevertheless, their scheme does not support
dynamic operations.Subsequent works devoted to integrity checking schemes for
dynamic data . In public auditing, in addition to the public key, the verifiers usually
maintain some information about the current status of the audited data, called state
information. The state information is crucial to dynamic cloud storage and leverages
which the verifier determines whether the stored data on the cloud is upto-date.
However, applying those schemes to the multi-writer model would raise performance
concern in the revocation process.
Multi-Writer Solutions. Researchers then focus on integrity checking schemes

under the multi-writer model which supports data sharing among a group of
users .Wang et al. introduced the concept of group-oriented proofs of storage, but did
not consider any dynamic data operations. Wang et al. proposed a public auditing
scheme, called Oruta, which guarantees identity privacy . However, Oruta does not
support non-trivial user revocation due to the inherent property of the ring signature.
To support user revocation, Wang et al. proposed another solution, called Panda.
Nevertheless, Panda could not resist the collusion between the cloud and the
revoked user. Yuan and Yu proposed a public integrity checking scheme for data sharing,
which supports secure user revocation . Unfortunately, their scheme does not satisfy

the security definition for integrity checking in the cloud as opposed to previous
schemes. That is, no one can extract the challenged blocks during the checking process
in their scheme.
Jiang et al. proposed a public integrity auditing scheme for shared data based on
group signature and vector commitment . Their solution supports secure user
revocation and guarantees identity privacy. However, it cannot reveal revision history to
users, since with group signature, even group members could not identify who has
updated the shared data. Furthermore, their solution requires that the data size has to
be fixed and determined at the beginning of system initialization, which makes their
solution less flexible.
Disadvantages
1) The system was not implemented blockless Merkle tree which leads less security on
outsourced data.
2) The system is less security due to lack of Identity-Based Encryption
3.2 PROPOSED SYSTEM

In this paper, we follow the line of provable data possession , and propose a
dynamic group-oriented provable data possession scheme, called prays, which holds all
the above-mentioned features. Compared with existing solutions (i.e., generating the
tags and then building the structure), prays is boosted by a new paradigm: building the
structure and then generating the tag. Our main contributions are summarized as
follows.
1) The system presents a customized authenticated structure, named blockless Merkle

tree. Compared with the traditional Merkle tree, the proposed structure supports
blockless verification (i.e., to check remote data integrity without downloading the
challenged data blocks) through an elaborate process for each data block.

2) The system proposes a novel cryptographic primitive, named permission-based

signature. Permission-based signature is the first cryptographic primitive that achieves
both anonymity and offline traceability. Further, this primitive could also be used
independently in other privacypreserving applications.
3) The system designs PRAYS based on the blockless Merkle tree and the permission-
based signature. To the best of our knowledge, prays is the first provable data
possession scheme under the multi-writer model that supports fully dynamic operations
as well as constant auditing metadata.
4) The system conducts comprehensive security analysis and extensive evaluations for
the proposed scheme. The results demonstrate that, compared with existing
solutions,prays can perform richer functions (e.g., fully dynamic operations) while
maintaining reasonable computation and communication cost.
Advantages
Fully dynamic operations. This property implies that group members can freely perform
modification, insertion, and deletion operations.
Constant auditing metadata. This property implies that the size of verification materials
maintained by verifiers for integrity checking should be independent of the number of
users and the data size.
Secure user revocation. This property implies that group members can be efficiently
revoked. Further, the system should resist the collusion between revoked users and the
cloud, and between revoked users and third party verifiers.
Anonymity. This property implies that a writer’s identity should not be revealed from
his/her signature to the cloud or third party verifiers.
Traceability. This property implies that users from the same group can identify who
updated the shared data from the signature, i.e., obtaining the revision history, without the
help from any online entity.
3.3 FEASIBILTY STUDY
The feasibility of the project is analyzed in this phase and business proposal is put
forth with a very general plan for the project and some cost estimates. During system

analysis the feasibility study of the proposed system is to be carried out. This is to ensure
that the proposed system is not a burden to the company. For feasibility analysis, some
understanding of the major requirements for the system is essential.
Three key considerations involved in the feasibility analysis are
◆ ECONOMICAL FEASIBILITY
◆ TECHNICAL FEASIBILITY
◆ SOCIAL FEASIBILITY
ECONOMICAL FEASIBILITY
This study is carried out to check the economic impact that the system will have
on the organization. The amount of fund that the company can pour into the research and
development of the system is limited. The expenditures must be justified. Thus the
developed system as well within the budget and this was achieved because most of the
technologies used are freely available. Only the customized products had to be purchased.
TECHNICAL FEASIBILITY
This study is carried out to check the technical feasibility, that is, the technical
requirements of the system. Any system developed must not have a high demand on the
available technical resources. This will lead to high demands on the available technical
resources. This will lead to high demands being placed on the client. The developed
system must have a modest requirement, as only minimal or null changes are required for
implementing this system.
SOCIAL FEASIBILITY
The aspect of study is to check the level of acceptance of the system by the user.
This includes the process of training the user to use the system efficiently. The user must
not real threatened by the system, instead must accept it as a necessity. The level of
acceptance by the users solely depends on the methods that are employed to educate the
user about the system and to make him familiar with it. His level of confidence must be
raised so hat he is also able to make some constructive criticism, which is welcomed, as
he is the final user of the system.

3.4 MODULES
3.4.1. Data Owner

In this module, Data owner has to register to cloud and logs in, Encrypts and
uploads a file to cloud server and also performs the following operations such as Upload
File with Blocks,View All Upload File with Blocks, Perform Data Integrity Auditing,
View Transactions.
3.4.2 Cloud Server
In this module the cloud will authorize both the owner and the user and also
performs the following operations such as View All File's Blocks,View All
Transactions,View All Attackers, View Time Delay Results,View Throughput Results
3.4.3 TPA
In this module, the TPA performs the following operations such asView Metadata
Details, View All Transactions,View All Attackers
3.4.4 Data User
In this module, the user has to register to cloud and log in and performs the
following operations such as Search Data, Download Data.
3.4.5 Group Manager
In this module, Group Manager has to Login in from the Server and has to
perform the following operations View and Authorize Users, View and Authorize
Owners and has to manage the groups between users and data owners.

Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 4: H/W & S/W Requirements
4. HARDWARE AND SOFTWARE REQUIREMENT

SPECIFICATIONS
4.1 H/W REQUIREMENTS
Processor : Pentium –III/Above
Speed : 1.1 Ghz
RAM : 256 MB(min)
Hard Disk : 120 GB
4.2 SOFTWARE REQUIREMENTS
Operating system : Windows .
Coding Language : Java/J2EE
Web Server : Tomcat7.x
Database : MySQL5.5

Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 5: System Design
5. SYSTEM DESIGN
5.1 INTRODUCTION
It is a language to specifying, visualizing and constructing the artifacts of
software system as well as for business models. UML was originally motivated by the
desire to standardize the disparate notational system and approaches to software design
developed by Grady Booch, Ivar Jacobson and James Rumbaugh at Rational Software in
1994-95. The UML notation is useful for graphically depicting Object Oriented Analysis
and Object Oriented Design modules. The unified modeling language is a standard
language for specifying, Visualizing, Constructing and documenting the software system
and its components. It is a graphical language that provides a vocabulary and set of
semantics and rules. The UML focuses on the conceptual and physical representation of
the system. It captures the decisions and understandings about systems that must be
constructed. It is used to understand, design, configure, maintain and control information
about the systems.
An Overview of UML
The Unified Modeling Language is a language for
• Visualizing.
• Specifying.
• Constructing.
• Documenting.
UML Models
User model view
• This view represents the system from the user’s perspective.
• The analysis representation describes a usage scenario from the end-users
perspective.
Structural model view
• In this model the data and functionality are arrived from inside the system.
• This model view models the static structures.
Behavioral model view

It represents the dynamic of Behavioral as parts of the system, depicting the

interactions of collection between various structural elements described in the user model
and structural model view.
Implementation model view
In this the structural and behavioral as parts of the system are represented as they
are to be built.
Environmental model view
In this the structural and Behavioral aspects of the environment in which the
system is to be implemented are represented. UML is specifically constructed through
two different domains they are
• UML Analysis modeling, this focuses on the user model and structural model
views of the system.
• UML design modeling, which focuses on the Bahavioural modeling,
implementation modeling and environmental model views.
A Conceptual model of UML
• The three major elements of UML are
• The UML’s basic building blocks.
• The rules that dictate how those building blocks may be put together.
• Some common mechanisms that apply throughout the UML.
Basic building blocks of the UML
The vocabulary of UML encompasses three kinds of building blocks
• Things.
• Relationships.
• Diagrams.
Things
Things are the abstractions that are first-class citizens in a model. Relationships
tie these things together. Diagrams group the interesting collection of things. There are
four kinds of things in the UML
Structural things
Behavioral things
Grouping things

Annotational things
Structural Things
Structural things are the nouns of the UML models. These are mostly static parts
of the model, representing elements that are either conceptual or physical. In all, there
are seven kinds of Structural things.
Use Case
Use case is a description of a set of sequence of actions that a system performs
that yields an observable result of value to a particular things in a model. Graphically,
Use Case is rendered as an ellipse with dashed lines, usually including only its name as
shown below.
Fig : Sample Use case diagram

Class
A class is a description of a set of objects that share the same attributes,
operations, relationships, and semantics. A class implements one or more interfaces.
Graphically a class is rendered as a rectangle, usually including its name, attributes and
operations, as shown below.
Windows
Origin
Size
Open()
Close()
Move()
Display()
Fig :Sample Class Diagram

Interface
An interface is a collection of operations that specify a service of a class or
component. An interface describes the externally visible behaviour of element.
Graphically the interface is rendered as a circle together with its name.
Fig :Interface

Collaboration
Collaboration defines an interaction and is a society of roles and other elements
that work together to provide some cooperative behaviour that’s bigger than the sum of
all the elements. Graphically, collaboration is rendered as an ellipse with dashed lines,
usually including only its name as shown below.
Fig : Sample Collaboration Diagram
Component
Component is a physical and replaceable part of a system that conforms to and
provides the realization of a set of interfaces. Graphically, a component is rendered as a
rectangle with tabs, usually including only its name, as shown below.
Fig : Sample Component Diagram

Node
A Node is a physical element that exists at run time and represents a
computational resource, generally having at least some memory and often, processing
capability. Graphically, a node is rendered as a cube, usually including only its name, as
shown below.
Fig : Sample Node Diagram
Behavioral Things
Behavioral things are the dynamic parts of UML models. These are the verbs of a
model, representing behavior over time and space.

Interaction
An interaction is a behavior that comprises a set of messages exchanged among a
set of objects within a particular context to accomplish a specific purpose.
Display
Fig : Sample Interaction Diagram
State Machine
A state machine is a behavior that specifies the sequence of states an object or an
interaction goes through during its lifetime on response to events, together with its
responses to those events. Graphically, a state is rendered as rounded rectangle usually
including its name and its sub-states, if any, as shown below.
Fig : Sample State Machine

3. Grouping Things
Grouping things are the organizational parts of the UML models. These are the
boxes into which a model can be decomposed.
Package A package is a general-purpose mechanism for organizing elements into
groups.
Fig : Sample Package Diagram

Annotational Things
Annotational things are the explanatory parts of the UML models.
Notes
A note is simply a symbol for rendering constraints and comments attached to an
element or a collection of elements. Graphically a note is rendered as a rectangle with
dog-eared corner together, with a textual or graphical comment, as shown below.

Fig : Sample Note Diagram

Relationships in the UML
There are four kinds of relationships in the UML
• Dependency.
• Association.
• Generalization.
• Realization.
These relationships are the basic relational building blocks of the UML. You use
them to write well-formed models. Graphically dependency is rendered as a dashed line,
possibly directed, and occasionally including a label.
-- - - - - - - - - - - - >
Fig :Dependency
Second, an association is a structural relationship that describes a set of links, a
link being a connection among objects. Aggregation is a special kind of association,
representing a structural relationship between a whole and its parts. Graphically, an
association is rendered as a solid line, possibly directed, occasionally including a label,
and often containing other adornments, such as multiplicity and role names.
Employer Employee
Fig :Association
Third, a generalization is a specialization/generalization relationship in which

objects of the specialized element are substitutable for objects of the generalized element
(the parent). In this way, the child shares the structure and the behavior of the parent.
Graphically a generalization relationship is rendered as a solid line with a hollow
arrowhead pointing to the parent.

Fig :Generalization
Fourth, a realization is a semantic relationship between classifiers, wherein one
classifier specifies a contract that another classifier guarantees to carry out. You’ll
encounter realization relationships in two places between interfaces and the classes or
components that realize them and between use cases and the collaborations that realize
them.
Fig :Realization
Each UML diagram is designed to let developers and customers view a software
system from a different perspective and in varying degrees of abstraction. Use Case
Diagram displays the relationship among actors and use cases.
Class Diagram models class structure and contents using design elements such as classes,
packages and objects. It also displays relationships such as containment, inheritance,
associations and others.
Interaction Diagrams
Sequence Diagram displays the time sequence of the objects participating in the
interaction. This consists of the vertical dimension (time) and horizontal dimension
(different objects).
• Collaboration Diagram displays an interaction organized around the objects and
their links to one another. Numbers are used to show the sequence of messages.
• State Diagram displays the sequences of states that an object of an interaction
goes through during its life in response to received stimuli, together with its
responses and actions.
Activity Diagram
Activity Diagram displays a special state diagram where most of the states are
action states and most of the transitions are triggered by completion of the actions in the
source states. This diagram focuses on flows driven by internal processing.
Physical Diagrams
• Component Diagram displays the high level packaged structure of the code itself.
Dependencies among components are shown, including source code components,
binary code components, and executable components. Some components exist at
compile time, at link time, at run times well as at more than one time.
• Deployment Diagram displays the configuration of run-time processing elements

and the software components, processes, and objects that live on them. Software
component instances represent run-time manifestations of code.
5.2 UML DIAGRAMS
5.2.1 Use Case Diagram
Use-case diagram graphically depict system behavior. These diagrams present a
high level view of how the system is used as viewed from an outsider’s (actor’s)
perspective. A use-case diagram may depict all or some of the use cases of a system.
A use-case diagram can contain:
• Actors
• Use cases
Interaction or relationship between actor and use cases in the system including the
associations, dependencies, and generalizations. Use-case diagram can be used during
analysis to capture the system requirements and to understand how the system should
work. During the design phase, you can use use-case diagrams to specify the behavior of
the systems implemented.
Use Case Diagram

FIG:Usecase Diagram
5.2.2 CLASS DIAGRAM

In software engineering, a class diagram in the Unified Modeling Language (UML)

is a type of static structure diagram that describes the structure of a system by showing
the system's classes, their attributes, operations (or methods), and the relationships among
the classes. It explains which class contains information.

FIG: Class Diagram

5.2.3 SEQUENCE DIAGRAM
A sequence diagram in Unified Modeling Language (UML) is a kind of

interaction diagram that shows how processes operate with one another and in what
order. It is a construct of a Message Sequence Chart. Sequence diagrams are sometimes
called event diagrams, event scenarios, and timing diagrams.
Fig : Sequence Diagram


Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 6: Implementation
6. IMPLEMENTATION
6.1 TECHNOLOGY USED
Java technology is both a programming language and a platform.
The Java Programming Language
The Java programming language is a high-level language that can be
characterized by all of the following buzzwords:
▪ Simple
▪ Architecture neutral
▪ Object oriented
▪ Portable
▪ Distributed
▪ High performance
▪ Interpreted
▪ Multithreaded
▪ Robust
▪ Dynamic
▪ Secure
With most programming languages, you either compile or interpret a program so
that you can run it on your computer. The Java programming language is unusual in that
a program is both compiled and interpreted. With the compiler, first you translate a
program into an intermediate language called Java byte codes —the platform-
independent codes interpreted by the interpreter on the Java platform. The interpreter
parses and runs each Java byte code instruction on the computer. Compilation happens
just once; interpretation occurs each time the program is executed. The following figure
illustrates how this works.
Fig 6.1.1 : Java Compiler Architecture

You can think of Java byte codes as the machine code instructions for the Java
Virtual Machine (Java VM). Every Java interpreter, whether it’s a development tool or a
Web browser that can run applets, is an implementation of the Java VM. Java byte codes
help make “write once, run anywhere” possible. You can compile your program into byte
codes on any platform that has a Java compiler. The byte codes can then be run on any
implementation of the Java VM. That means that as long as a computer has a Java VM,
the same program written in the Java programming language can run on Windows 2000,
a Solaris workstation, or on an iMac.
Fig 6.1.2 : Platform Independent Architecture

The Java Platform
A platformis the hardware or software environment in which a program runs.
We’ve already mentioned some of the most popular platforms like Windows 2000,
Linux, Solaris, and MacOS. Most platforms can be described as a combination of the
operating system and hardware. The Java platform differs from most other platforms in
that it’s a software-only platform that runs on top of other hardware-based platforms.
The Java platform has two components:
• The Java Virtual Machine (Java VM)
• TheJava Application Programming Interface (Java API)
You’ve already been introduced to the Java VM. It’s the base for the Java
platform and is ported onto various hardware-based platforms.
The Java API is a large collection of ready-made software components that
provide many useful capabilities, such as graphical user interface (GUI) widgets. The

Java API is grouped into libraries of related classes and interfaces; these libraries are
known as packages. The next section, What Can Java Technology Do? Highlights what
functionality some of the packages in the Java API provide.
The following figure depicts a program that’s running on the Java platform. As
the figure shows, the Java API and the virtual machine insulate the program from the
hardware.
Native code is code that after you compile it, the compiled code runs on a specific
hardware platform. As a platform-independent environment, the Java platform can be a
bit slower than native code. However, smart compilers, well-tuned interpreters, and just-
in-time byte code compilers can bring performance close to that of native code without
threatening portability.
What Can Java Technology Do?

The most common types of programs written in the Java programming language
are applets and applications. If you’ve surfed the Web, you’re probably already familiar
with applets. An applet is a program that adheres to certain conventions that allow it to
run within a Java-enabled browser.
However, the Java programming language is not just for writing cute, entertaining
applets for the Web. The general-purpose, high-level Java programming language is also
a powerful software platform. Using the generous API, you can write many types of
programs.
An application is a standalone program that runs directly on the Java platform. A
special kind of application known as a server serves and supports clients on a network.
Examples of servers are Web servers, proxy servers, mail servers, and print servers.
Another specialized program is a servlet. A servlet can almost be thought of as an applet
that runs on the server side. Java Servlets are a popular choice for building interactive
web applications, replacing the use of CGI scripts. Servlets are similar to applets in that

they are runtime extensions of applications. Instead of working in browsers, though,

servlets run within Java Web servers, configuring or tailoring the server.
How does the API support all these kinds of programs? It does so with packages
of software components that provides a wide range of functionality. Every full
implementation of the Java platform gives you the following features:
• The essentials: Objects, strings, threads, numbers, input and output, data
structures, system properties, date and time, and so on.
• Applets: The set of conventions used by applets.
• Networking: URLs, TCP (Transmission Control Protocol), UDP (User
Data gram Protocol) sockets, and IP (Internet Protocol) addresses.
• Internationalization: Help for writing programs that can be localized for
users worldwide. Programs can automatically adapt to specific locales and
be displayed in the appropriate language.
• Security: Both low level and high level, including electronic signatures,
public and private key management, access control, and certificates.
• Software components: Known as JavaBeansTM, can plug into existing
component architectures.
• Object serialization: Allows lightweight persistence and communication
via Remote Method Invocation (RMI).
• Java Database Connectivity (JDBCTM): Provides uniform access to a
wide range of relational databases.
The Java platform also has APIs for 2D and 3D graphics, accessibility, servers,
collaboration, telephony, speech, animation, and more. The following figure depicts what
is included in the Java 2 SDK.

Fig 6.1.3 : JRE

6.2 METHODS OF IMPLEMENTATIONS
JDBC
In an effort to set an independent database standard API for Java; Sun
Microsystems developed Java Database Connectivity, or JDBC. JDBC offers a generic
SQL database access mechanism that provides a consistent interface to a variety of
RDBMSs. This consistent interface is achieved through the use of “plug-in” database
connectivity modules, or drivers. If a database vendor wishes to have JDBC support, he
or she must provide the driver for each platform that the database and Java run on.
To gain a wider acceptance of JDBC, Sun based JDBC’s framework on ODBC.
As you discovered earlier in this chapter, ODBC has widespread support on a variety of
platforms. Basing JDBC on ODBC will allow vendors to bring JDBC drivers to market
much faster than developing a completely new connectivity solution.
JDBC was announced in March of 1996. It was released for a 90 day public
review that ended June 8, 1996. Because of user input, the final JDBC v1.0 specification
was released soon after.
The remainder of this section will cover enough information about JDBC for you to know
what it is about and how to use it effectively. This is by no means a complete overview of
JDBC. That would fill an entire book.
JDBC Goals
Few software packages are designed without goals in mind. JDBC is one that,
because of its many goals, drove the development of the API. These goals, in conjunction

with early reviewer feedback, have finalized the JDBC class library into a solid
framework for building database applications in Java.
The goals that were set for JDBC are important. They will give you some insight as to
why certain classes and functionalities behave the way they do. The eight design goals
for JDBC are as follows:
IP datagram’s
The IP layer provides a connectionless and unreliable delivery system. It
considers each datagram independently of the others. Any association between datagram
must be supplied by the higher layers. The IP layer supplies a checksum that includes its
own header. The header includes the source and destination addresses. The IP layer
handles routing through an Internet. It is also responsible for breaking up large datagram
into smaller ones for transmission and reassembling them at the other end.
UDP
UDP is also connectionless and unreliable. What it adds to IP is a checksum for
the contents of the datagram and port numbers. These are used to give a client/server
model - see later.
TCP
TCP supplies logic to give a reliable connection-oriented protocol above IP. It
provides a virtual circuit that two processes can use to communicate
Internet addresses
In order to use a service, you must be able to find it. The Internet uses an address
scheme for machines so that they can be located. The address is a 32 bit integer which
gives the IP address. This encodes a network ID and more addressing.
Network address
Class A uses 8 bits for the network address with 24 bits left over for other
addressing. Class B uses 16 bit network addressing. Class C uses 24 bit network
addressing and class D uses all 32.
Subnet address
Internally, the UNIX network is divided into sub networks. Building 11 is
currently on one sub network and uses 10-bit addressing, allowing 1024 different hosts.

Host address
8 bits are finally used for host addresses within our subnet. This places a limit of
256 machines that can be on the subnet.
Total Address
The 32 bit address is usually written as 4 integers separated by dots.
Port addresses
A service exists on a host, and is identified by its port. This is a 16 bit number. To
send a message to a server, you send it to the port for that service of the host that it is
running on. This is not location transparency! Certain of these ports are "well known".
Sockets
A socket is a data structure maintained by the system to handle network
connections. A socket is created using the call socket. It returns an integer that is like a
file descriptor. In fact, under Windows, this handle can be used with Read File and Write
File functions.
#include <sys/types.h>
#include <sys/socket.h>
int socket(int family, int type, int protocol);
Here "family" will be AF_INET for IP communications, protocol will be zero, and type
will depend on whether TCP or UDP is used. Two processes wishing to communicate
over a network create a socket each. These are similar to two ends of a pipe - but the
actual pipe does not yet exist.
JFree Chart
JFreeChart is a free 100% Java chart library that makes it easy for developers to
display professional quality charts in their applications. JFreeChart's extensive feature set
includes:
A consistent and well-documented API, supporting a wide range of chart types;
A flexible design that is easy to extend, and targets both server-side and client-side
applications;
Support for many output types, including Swing components, image files
(including PNG and JPEG), and vector graphics file formats (including PDF, EPS and
SVG);

JFreeChart is "open source" or, more specifically, free software. It is distributed

under the terms of the GNU Lesser General Public Licence (LGPL), which permits use in
proprietary applications.
Map
Charts showing values that relate to geographical areas. Some examples include:
(a) population density in each state of the United States, (b) income per capita for each
country in Europe, (c) life expectancy in each country of the world. The tasks in this
project include:
Sourcing freely redistributable vector outlines for the countries of the world,
states/provinces in particular countries (USA in particular, but also other areas).
Creating an appropriate dataset interface (plus default implementation), a rendered, and
integrating this with the existing XYPlot class in JFreeChart;
Testing, documenting, testing some more, documenting some more.
Implement a new (to JFreeChart) feature for interactive time series charts --- to display a
separate control that shows a small version of ALL the time series data, with a sliding
"view" rectangle that allows you to select the subset of the time series data to display in
the main chart.
Dashboards
There is currently a lot of interest in dashboard displays. Create a flexible
dashboard mechanism that supports a subset of JFreeChart chart types (dials, pies,
thermometers, bars, and lines/time series) that can be delivered easily via both Java Web
Start and an applet.
Property Editors
The property editor mechanism in JFreeChart only handles a small subset of the
properties that can be set for charts. Extend (or reemployment) this mechanism to provide
greater end-user control over the appearance of the charts.
J2ME (Java 2 Micro edition)
Sun Microsystems defines J2ME as "a highly optimized Java run-time
environment targeting a wide range of consumer products, including pagers, cellular
phones, screen-phones, digital set-top boxes and car navigation systems." Announced in
June 1999 at the JavaOne Developer Conference, J2ME brings the cross-platform

functionality of the Java language to smaller devices, allowing mobile wireless devices to
share applications. With J2ME, Sun has adapted the Java platform for consumer products
that incorporate or are based on small computing devices.
6.3 DATABASE
SQL Level API
The designers felt that their main goal was to define a SQL interface for Java.
Although not the lowest database interface level possible, it is at a low enough level for
higher-level tools and APIs to be created. Conversely, it is at a high enough level for
application programmers to use it confidently. Attaining this goal allows for future tool
vendors to “generate” JDBC code and to hide many of JDBC’s complexities from the end
user.
1. SQL Conformance
SQL syntax varies as you move from database vendor to database vendor. In an effort
to support a wide variety of vendors, JDBC will allow any query statement to be passed
through it to the underlying database driver. This allows the connectivity module to
handle non-standard functionality in a manner that is suitable for its users.
1. JDBC must be implemental on top of common database interfaces
The JDBC SQL API must “sit” on top of other common SQL level APIs. This
goal allows JDBC to use existing ODBC level drivers by the use of a software interface.
This interface would translate JDBC calls to ODBC and vice versa.
2. Provide a Java interface that is consistent with the rest of the Java system
Because of Java’s acceptance in the user community thus far, the designers feel
that they should not stray from the current design of the core Java system.
3. Keep it simple
This goal probably appears in all software design goal listings. JDBC is no
exception. Sun felt that the design of JDBC should be very simple, allowing for only one
method of completing a task per mechanism. Allowing duplicate functionality only
serves to confuse the users of the API.
4. Use strong, static typing wherever possible
Strong typing allows for more error checking to be done at compile time; also,
less error appear at runtime.

5. Keep the common cases simple

Because more often than not, the usual SQL calls used by the programmer are
simple SELECT’s, INSERT’s, DELETE’s and UPDATE’s, these queries should be
simple to perform with JDBC. However, more complex SQL statements should also be
possible.
They are,
1. TABLE
2. QUERY
3. FORM
4. REPORT
5. MACRO
Table: A database is a collection of data about a specific topic.
Views Of Table: We can work with a table in two types,
1. Design View
2. Datasheet View
Design View: To build or modify the structure of a table we work in the table design
view. We can specify what kind of data will be hold.
Datasheet View: To add, edit or analyses the data itself we work in tables datasheet view
mode.
Query: A query is a question that has to be asked the data. Access gathers data that
answers the question from one or more table. The data that make up the answer is either
dynaset (if you edit it) or a snapshot (it cannot be edited).Each time we run query, we get
latest information in the dynaset. Access either displays the dynaset or snapshot for us to
view or perform an action on it, such as deleting or updating.

Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 7: Sample Code
7. SAMPLE CODE
Connect.jsp
<%@ page import="java.sql.*"%>
<%@ page import="java.util.*" %>
<%
Connection connection = null;
try {
Class.forName("com.mysql.jdbc.Driver");
connection =
DriverManager.getConnection("jdbc:mysql://localhost:3306/Dynamic_GroupOriented_P
rovable","root","root");
String sql="";
}
catch(Exception e)
{
System.out.println(e);
}
%>
DO_Upload_Block1.jsp
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Upload_Blocks1</title>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<link href="style.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="js/cufon-yui.js"></script>
<script type="text/javascript" src="js/arial.js"></script>
<script type="text/javascript" src="js/cuf_run.js"></script>
<style type="text/css">

</style>
</head>
<body>
<div class="main">
<div class="header">
<div class="header_resize">
<div class="logo">
<h1><a href="index.html" class="style1">Dynamic Group Oriented Provable Data
Possession in the Cloud</a><a href="index.html"></a></h1>
</div>
<div class="clr"></div>
<div class="menu_nav">
<ul>

<li class="active"><a href="DO_Main.jsp">Data Owner </a></li>

<li><a href="DO_Login.jsp">Logout</a></li>
</ul>
</div>
</div>
</div>
<div class="content">
<div class="content_resize">
<div class="mainbar">
<div class="article">
<h2><span>Upload_Blocks</span> STATUS </h2>
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<%@page import="java.util.*"%>
<%@ include file="connect.jsp"%>
<%@page
import="java.util.*,java.security.Key,java.util.Random,javax.crypto.Cipher,javax.crypto.
spec.SecretKeySpec,org.bouncycastle.util.encoders.Base64"%>
<%@ page
import="java.sql.*,java.util.Random,java.io.PrintStream,java.io.FileOutputStream,java.io
.FileInputStream,java.security.DigestInputStream,java.math.BigInteger,java.security.Mes
sageDigest,java.io.BufferedInputStream"%>
<%@ page
import="java.security.Key,java.security.KeyPair,java.security.KeyPairGenerator,javax.cr
ypto.Cipher"%>
<%@page

import="java.util.*,java.text.SimpleDateFormat,java.util.Date,java.io.FileInputStream,jav
a.io.FileOutputStream,java.io.PrintStream,java.math.*"%>
<% try
{
String file=request.getParameter("tt");
String cont=request.getParameter("text");
String keys = "ef50a0ef2c3e3a5f";
String h[]=new String[5];
String filename="filename.txt";
String filename1="filename1.txt";
ResultSetrs=connection.createStatement().executeQuery("select *
from cloudserver where fname='"+file+"' ");
if(!rs.next())
int sourceFileSize=cont.length();
int s=sourceFileSize%4;
int s1=sourceFileSize/4;
int a1=s1;
int a2=s1+s1;

int a3=s1+s1+s1;
int a4=s1+s1+s1+s1+s;
String
encryptedValue3="",encryptedValue2="",encryptedValue1="",encryptedValue4="";
byte[]
keyValue = keys.getBytes();
Key key = new SecretKeySpec(keyValue, "AES");
Cipher c = Cipher.getInstance("AES");
c.init(Cipher.ENCRYPT_MODE, key);
String encryptedValue = new
String(Base64.encode(cont.getBytes()));
encryptedValue1 = new String(Base64
.encode(cont.substring(0,a1).getBytes()));
.encode(cont.substring(a1+1,a2).getBytes()));

%>
source<%=sourceFileSize %>
a1<%=a1 %>
a2<%=a2 %>
a3<%=a3 %>
a4<%=a4 %>
split<%=s %>
<%
PrintStream p1 = new PrintStream(new FileOutputStream("filename1.txt"));

p1.print(new String(encryptedValue1));
for(int i=1;i<5;i++)
{
MessageDigest md = MessageDigest.getInstance("SHA1");
FileInputStream fis11 = new
FileInputStream("filename"+i+".txt");
DigestInputStream dis1 = new DigestInputStream(fis11, md);
BufferedInputStream bis1 = new BufferedInputStream(dis1);

//Read the bis so SHA1 is auto calculated at dis

while (true) {
int b1 = bis1.read();
if (b1 == -1)
break;
}
BigInteger bi1 = new BigInteger(md.digest());

String spl1 = bi1.toString();
h[i] = bi1.toString(16);
%>
<form action="DO_Upload_Blocks2.jsp" method="post">

<table width="598" border="1" align="center">
<tr>
<td width="286" bgcolor="#FF0000"><span class="style2"><strong>File
Name :- </strong></span></td>
<td width="356"><input name="t42" type="text" id="t42" size="50"
value="<%= file %>" readonly="readonly" /></td>
</tr>

<tr>
<td width="286" bgcolor="#FF0000"><span
class="style2"><strong>Block-1 </strong></span></td>
<td width="286"><span
class="style1">Size:<%=a1%>Bytes</span></td>
</tr>
<tr>
<td bgcolor="#FF0000"> </td>
<td><textarea name="text1" cols="50" rows="15" readonly><%=
encryptedValue1 %></textarea></td>
</tr>
<tr>
<td bgcolor="#FF0000"><span class="style2"><strong>Hashcode-1:
</strong></span></td>
<td><input name="t1" type="text" id="t4" size="50"
value="<%= h[1] %>" readonly="readonly" /></td>
</tr>
<tr>
class="style1">Size:<%=(a2-a1)%>Bytes</span></td>
</tr>
<tr>
</tr>
<tr>

</tr>
<tr>
</tr>
<tr>
</tr>
<tr>
value="<%= h[3]%>" readonly="readonly" /></td>
</tr>
<tr>
</tr>
<tr>

</tr>
<tr>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td>
<div align="right"></div> </td>
<td><input type="submit" name="Submit2" value="Upload" /></td>
</tr>
</table>
</form>
<%
}
else
{
%>
<h1 class="style1">File name already exist</h1>
<a href="O_UploadFile.html">Back</a>
<%

connection.close();
}
catch(Exception e)
{
out.println(e.getMessage());
}
%>
</p>
</div>
</div>
<div class="sidebar">
<div class="gadget">
<h2 class="star">Menu</h2>
<ul class="sb_menu">
<li><a href="DO_Main.jsp">Home</a></li>
<li><a href="DO_Login.jsp">Logout</a></li>
</ul>
</div>
<div class="gadget"></div>
</div>

</div>
</div>
<div class="fbg"></div>
<div class="footer">
<div class="footer_resize">
<p class="lf"> </p>
</div>
</div>
</div>
<div align=center></div>
</body>
</html>
DU_Authentication.jsp
<title>Authentication Page</title>
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<%@page import="java.util.*"%>
<%@ include file="connect.jsp"%>
<%@page
import="java.util.*,java.security.Key,java.util.Random,javax.crypto.Cipher,javax.crypto.
spec.SecretKeySpec,org.bouncycastle.util.encoders.Base64"%>
<%@ page
import="java.sql.*,java.util.Random,java.io.PrintStream,java.io.FileOutputStream,java.io
.FileInputStream,java.security.DigestInputStream,java.math.BigInteger,java.security.Mes
sageDigest,java.io.BufferedInputStream"%>
<%@ page
import="java.security.Key,java.security.KeyPair,java.security.KeyPairGenerator,javax.cr
ypto.Cipher"%>
<%@page
import="java.util.*,java.text.SimpleDateFormat,java.util.Date,java.io.FileInputStream,jav
a.io.FileOutputStream,java.io.PrintStream"%>
<%
String name = request.getParameter("userid");
String pass = request.getParameter("pass");
String gname = request.getParameter("gname");
application.setAttribute("uname", name);
application.setAttribute("gname1", gname);
String wait="Waiting";
String auth="";
try {
String sql="SELECT * FROM consumer where username='"+name+"' and
password='"+pass+"' and gname='"+gname+"' ";
Statement stmt = connection.createStatement();
ResultSetrs =stmt.executeQuery(sql);
if(rs.next()){
String sql1="SELECT * FROM consumer where username='"+name+"' and
status='Waiting'";
ResultSet rs1 =stmt.executeQuery(sql1);
if(rs1.next())
{
response.sendRedirect("wronglogin.html");
}
else
{
response.sendRedirect("User_BioIdentification.jsp");
}
}

else
{
response.sendRedirect("wronglogin.html");
}
} catch (Exception e) {
out.print(e);
e.printStackTrace();
}
%>

Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 8: Testing
8. TESTING
Testing is a process, which reveals errors in the program. It is the major quality
measure employed during software development. During software development, during
testing, the program is executed with a set of test cases and the output of the program for
the test cases is evaluated to determine if the program is performing as it is expected to
perform.
8.1 TESTING METHODOLOGIES

In order to make sure that the system does not have errors, the different
levels of testing strategies to that are applied to at differing phases of software
development.
Unit Testing
Unit testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program inputs produce valid outputs. All
decision branches and internal code flow should be validated. It is the testing of
individual software units of the application .it is done after the completion of an
individual unit before integration. This is a structural testing, that relies on knowledge of
its construction and is invasive. Unit tests perform basic tests at component level and test
a specific business process, application, and/or system configuration. Unit tests ensure
that each unique path of a business process performs accurately to the documented
specifications and contains clearly defined inputs and expected results.
Integration testing
Integration tests are designed to test integrated software components to determine
if they actually run as one program. Testing is event driven and is more concerned with
the basic outcome of screens or fields. Integration tests demonstrate that although the
components were individually satisfaction, as shown by successfully unit testing, the
combination of components is correct and consistent. Integration testing is specifically
aimed at exposing the problems that arise from the combination of components.

Functional test
Functional tests provide systematic demonstrations that functions tested are
available as specified by the business and technical requirements, system documentation,
and user manuals.
Functional testing is centered on the following items
Valid Input : identified classes of valid input must be accepted.

Invalid Input : identified classes of invalid input must be rejected.
Functions : identified functions must be exercised.
Output : identified classes of application outputs must be exercised.
Systems/Procedures : interfacing systems or procedures must be invoked.
Organization and preparation of functional tests is focused on requirements, key
functions, or special test cases. In addition, systematic coverage pertaining to identify
Business process flows; data fields, predefined processes, and successive processes must
be considered for testing. Before functional testing is complete, additional tests are
identified and the effective value of current tests is determined.
System Test
System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable results. An
example of system testing is the configuration oriented system integration test. System
testing is based on process descriptions and flows, emphasizing pre-driven process links
and integration points.
Black Box Testing

In this strategy some test cases are generated as input conditions that fully execute
all functional requirements for the program. This testing has been uses to find errors in
the following categories:
• Incorrect or missing functions

• Interface errors
• Errors in data structure or external database access
• Performance errors

• Initialization and termination errors.

In this testing only the output is checked for correctness. The logical flow of the data
is not checked.
White Box Testing

In this the test cases are generated on the logic of each module by drawing flow
graphs of that module and logical decisions are tested on all the cases. It has been uses to
generate the test cases in the following cases:
• Guarantee that all independent paths have been executed.

• Execute all logical decisions on their true and false Sides.
• Execute all loops at their boundaries and within their operational bounds
• Execute internal data structures to ensure their validity.
Integrating Testing
Integration testing ensures that software and subsystems work together a whole.
It tests the interface of all the modules to make sure that the modules behave properly
when integrated together.
System Testing
Here the entire software system is tested. The reference document for this process
is the requirements document, and the goal is to see if software meets its requirements.
Here entire ‘Cybernetic Protectors Application’ has been tested against requirements of
project and it is checked whether all requirements of project have been satisfied or not.
Acceptance Testing
Acceptance Test is performed with realistic data of the client to demonstrate that
the software is working satisfactorily. Testing here is focused on external behavior of the
system; the internal logic of program is not emphasized. In this project ‘Cybernetic
Protectors Application’ I have collected some data and tested whether project is working
correctly or not. Test cases should be selected so that the largest number of attributes of
an equivalence class is exercised at once. The testing phase is an important part of

software development. It is the process of finding errors and missing operations and also
a complete verification to determine whether the objectives are met and the user
requirements are satisfied.
8.2 TEST APPROACH

Testing can be done in two ways:
• Bottom up approach
• Top down approach
Bottom Up Approach
Testing can be performed starting from smallest and lowest level modules and
proceeding one at a time. For each module in bottom up testing a short program executes
the module and provides the needed data so that the module is asked to perform the way
it will when embedded with in the larger system.
Top down Approach

This type of testing starts from upper level modules. Since the detailed activities
usually performed in the lower level routines are not provided stubs are written. A stub is
a module shell called by upper level module and that when reached properly will return a
message to the calling module indicating that proper interaction occurred. No attempt is
made to verify the correctness of the lower level module.
Validation
The system has been tested and implemented successfully and thus ensured that all
the requirements as listed in the software requirements specification are completely
fulfilled. In case of erroneous input corresponding error messages are displayed.

8.3 TEST CASES
EXPECTED
S. No. TEST CASES INPUT ACTUAL RESULT STATUS
RESULT
User User gets Registration

1 Enter all fields Pass
Registration registered
is successful
Registration is
if user miss User not
2 User Fail
any field registered
Registration un successful
Server home
Give the server
Cloud Server page should Sever home Page
3 name and Pass
Login has been opened
password
be opened
Group
Group Group Manager
Give Username Manager page
4 Manager page has been Pass
and password should be
Login opened
opened
Give
Login Success
DataOwner Ownername Owner Page
5 fully and Owner Pass
Login has to Display
Page is Displayed
And Password
Enter All the Details Should File Uploaded

6 Upload File Pass
Details be Upload Success Fully
Table 8.3.1: Test Case Results

Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 9: Screens
9. SCREENS
9.1 Home Page

9.2 Cloud Main Menu

9.3 Data Owner Main

9.3 Group Manager Main

9.4 Authorize Users

9.5 Upload File

9.6 View Upload Blocks

9.7 Verify Block

9.8 User Main

9.9 Search File

9.10 Download File

9.11 TPA Main

9.12 View Attack

9.13 Verify Block

9.14 Attacked File

9.15 Recovery File

Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 10: Conclusion
10. CONCLUSION
In this paper, we proposed a privacy-preserving auditing scheme for dynamic

shared data, named PRAYS. It is the first group-oriented provable data possession
scheme that supports fully dynamic operations as well as constant auditing metadata to
our knowledge. The proposed scheme is boosted by a new two-step paradigm designed
for group-oriented integrity checking. In order to realize this paradigm, we presented a
block less Merkle tree for the first step, and presented a permission-based signature for
the second step. With these two tools, PRAYS provides all the essential features in the
multi writer storage services, including fully dynamic operations, constant auditing
metadata, secure user revocation, anonymity, and traceability. In our future work, we will
extend PRAYS from the following aspects. 1) Reducing the storage cost on the user side
to O(1) as mentioned in Section V-A. 2) Optimizing the computation cost in the
revocation phase. Unlike the traditional paradigm whose lower bound of the computation
cost in the revocation phase is O(R), it is possible to improve PRAYS by enhancing PBS.

Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 11: Future Enhancements
11. FUTURE ENHANCEMENTS
It is not possible to develop a system that makes all the requirements of the user. User
requirements keep changing as the system is being used. Some of the future enhancements that
can be done to this system are
It is further to implement authenticate Group Manager with Cloud Server.

Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 12: Bibliography
12. BIBLIOGRAPHY
[1] H. Wang, D. He, and S. Tang, “Identity-Based Proxy-Oriented Data Uploading and
Remote Data Integrity Checking in Public Cloud,” IEEETransactions on Information
Forensics and Security, vol. 11, no. 6, pp.1165–1176, 2016.
[2] Y. Yu, M. H. Au, G. Ateniese, X. Huang, W. Susilo, Y. Dai, andG. Min, “Identity-
Based Remote Data Integrity Checking With PerfectData Privacy Preserving for Cloud
Storage,” IEEE Transactions onInformation Forensics and Security, vol. 12, no. 4, pp.
767–778, 2017.
[3] Z. Ren, L. Wang, Q. Wang, and M. Xu, “Dynamic Proofs of Retrievabilityfor Coded
Cloud Storage Systems,” IEEE Transactions on ServicesComputing, vol. 11, no. 4, pp.
685–698, 2018.
[4] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson,and D. Song,
“Provable Data Possession at Untrusted Stores,” in Proc.of CCS, 2007.
[5] A. Juels and B. S. Kaliski, Jr., “PORs: Proofs of Retrievability for LargeFiles,” in
Proc. of CCS, 2007.
[6] G. Ateniese, S. Kamara, and J. Katz, “Proofs of Storage from
HomomorphicIdentification Protocols,” in Proc. of ASIACRYPT, 2009.
[7] H. Wang, “Identity-based distributed provable data possession in multicloudstorage,”
IEEE Transactions on Services Computing, vol. 8, no. 2,pp. 328–340, 2015.
[8] S. Guarino, E. S. Canlar, M. Conti, R. D. Pietro, and A. Solanas, “Provablestorage
medium for data storage outsourcing,” IEEE Transactionson Services Computing, vol. 8,
no. 6, pp. 985–997, 2015.
[9] B. Wang, B. Li, and H. Li, “Public Auditing for Shared Data withEfficient User
Revocation in the Cloud,” in Proc. of INFOCOM, 2013.
[10] J. Yuan and S. Yu, “Efficient Public Integrity Checking for Cloud DataSharing with
Multi-User Modification,” in Proc. of INFOCOM, 2014.
[11] B. Wang, B. Li, and H. Li, “Panda: Public Auditing for Shared Datawith Efficient
User Revocation in the Cloud,” IEEE Transactions onServices Computing, vol. 8, no. 1,
pp. 92–106, 2015.

Dynamic Group-Oriented Provable Data Possession in the Cloud Chapter 12: Bibliography
[12] ——, “Oruta: Privacy-Preserving Public Auditing for Shared Data inthe Cloud,”
IEEE Transactions on Cloud Computing, vol. 2, no. 1, pp.43–56, 2014.
[13] Y. Wang, Q. Wu, B. Qin, X. Chen, X. Huang, and Y. Zhou, “Group oriented proofs
of storage,” in Proceedings of ASIACCS, 2015.
[14] T. Jiang, X. Chen, and J. Ma, “Public Integrity Auditing for SharedDynamic Cloud
Data with Group User Revocation,” IEEE Transactionson Computers, vol. 65, no. 8, pp.
2363–2373, 2016.
[15] C. C. Erway, A. Küpç ü, C. Papamanthou, and R. Tamassia, “Dynamicprovable
data possession,” ACM Trans. Inf. Syst. Secur., vol. 17, no. 4,pp. 15:1–15:29, 2015.
[16] E. Shi, E. Stefanov, and C. Papamanthou, “Practical Dynamic Proofs
ofRetrievability,” in Proc. of CCS, 2013.
[17] C. Garman, M. Green, and I. Miers, “Decentralized Anonymous Credentials,”in
Proceedings of NDSS, 2014.
[18] J. Chen, S. Yao, Q. Yuan, K. He, S. Ji, and R. Du, “CertChain: Publicand efficient
certificate audit based on blockchain for tls connections,”in Proc. of INFOCOM, 2018.

DGPDP

Uploaded by

Copyright:

Available Formats

DGPDP

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

DGPDP

Uploaded by

Copyright:

Available Formats

A

Under the Guidance of

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

Certified that this project report” Dynamic Group-Oriented Provable Data

PROJECT GUIDE HEAD OF THE DEPARTMENT

Mrs.J.Kalyani MCA Dr. Shaik Jaffar Hussain Ph.D

Submitted for viva voice examination held on

Internal Examiner External Examiner

We express our gratitude to S r i R . V e e r a R e d d y , F o u n d e r o f S r i

3.1 EXISTING SYSTEM 8

3.2 PROPOSED SYSTEM 8

4 H/W AND S/W 11

5.2 SYSTEM DESIGN 12

5.3.1 USECASE DIAGRAM 23

5.3.2 CLASS DIAGRAMS 24

8.2 TYPES OF TESTS 51

SVIST, Kadapa Department of CSE Page 1

SVIST, Kadapa Department of CSE Page 2

SVIST, Kadapa Department of CSE Page 3

2. Y. Yu, M. H. Au, G. Ateniese, X. Huang, W. Susilo, Y. Dai, andG. Min, “Identity-

SVIST, Kadapa Department of CSE Page 4

3. Z. Ren, L. Wang, Q. Wang, and M. Xu, “Dynamic Proofs of Retrievabilityfor

SVIST, Kadapa Department of CSE Page 5

4. S. Guarino, E. S. Canlar, M. Conti, R. D. Pietro, and A. Solanas,

SVIST, Kadapa Department of CSE Page 6

SVIST, Kadapa Department of CSE Page 7

Multi-Writer Solutions. Researchers then focus on integrity checking schemes

SVIST, Kadapa Department of CSE Page 8

2) The system is less security due to lack of Identity-Based Encryption

3.2 PROPOSED SYSTEM

1) The system presents a customized authenticated structure, named blockless Merkle

SVIST, Kadapa Department of CSE Page 9

2) The system proposes a novel cryptographic primitive, named permission-based

SVIST, Kadapa Department of CSE Page 10

SVIST, Kadapa Department of CSE Page 11

3.4.1. Data Owner

SVIST, Kadapa Department of CSE Page 12

4. HARDWARE AND SOFTWARE REQUIREMENT

SVIST, Kadapa Department of CSE Page 13

SVIST, Kadapa Department of CSE Page 14

It represents the dynamic of Behavioral as parts of the system, depicting the

SVIST, Kadapa Department of CSE Page 15

Fig : Sample Use case diagram

Fig :Sample Class Diagram

SVIST, Kadapa Department of CSE Page 16

Fig : Sample Collaboration Diagram

Fig : Sample Component Diagram

Fig : Sample Node Diagram

SVIST, Kadapa Department of CSE Page 17

Fig : Sample State Machine

Fig : Sample Package Diagram

SVIST, Kadapa Department of CSE Page 18

Fig : Sample Note Diagram

Third, a generalization is a specialization/generalization relationship in which

SVIST, Kadapa Department of CSE Page 19

• Deployment Diagram displays the configuration of run-time processing elements

Use Case Diagram

SVIST, Kadapa Department of CSE Page 21

5.2.2 CLASS DIAGRAM

In software engineering, a class diagram in the Unified Modeling Language (UML)