1. INTRODUCTION
In recent years, cloud storage service has become a faster profit growth point by providing a comparably low-cost, scalable, position-independent platform for clients' data. Since cloud computing environment is constructed based on open architectures and interfaces, it has the capability to incorporate multiple internal and/or external cloud services together to provide high interoperability. We call such a distributed cloud environment a multi-cloud (or hybrid cloud). Often, by using virtual infrastructure management (VIM), a multi-cloud allows clients to easily access their resources remotely through interfaces. There exist various tools and technologies for multi-cloud. These tools help cloud providers to construct a distributed cloud storage platform (DCSP) for managing clients' data. However, if such an important platform is vulnerable to security attacks, it would bring irretrievable losses to the clients. For example, the confidential data in an enterprise may be illegally accessed through a remote interface provided by a multi-cloud, or relevant data and archives may be lost or tampered with when they are stored into an uncertain storage pool outside the enterprise. Therefore, it is indispensable for cloud service providers (CSPs) to provide security techniques for managing their storage services. Provable data possession (PDP) (or proofs of retrievability (POR)) is such a probabilistic proof technique for a storage provider to prove the integrity and ownership of clients' data. Various PDP schemes have been recently proposed, such as Scalable PDP and Dynamic PDP. However, these schemes mainly focus on PDP issues at untrusted servers in a single cloud storage provider and are not suitable for a multi-cloud environment.
CPDP
2. SYSTEM ANALYSIS
2.1 LITERATURE SURVEY
The three previously implemented related works are as follows. Nam Yem Li et al. highlight a PDP scheme used for verification to avoid public verification. This paper proposed an initial PDP solution using an RSA-based hash function to authenticate the remote server storage data. However, due to the RSA-based cryptosystem, the entire computing speed is low. Qian Wang et al. propose a protocol for integrity verification in multi-cloud. This paper explored the problem of providing simultaneous public auditability and data dynamics for remote data integrity check in cloud computing. Yan Zhu et al. give a collaborative provable data possession scheme, but the integrity of the paper is affected due to its high complexity.
a false or true decision for data possession at untrusted stores, they are not suitable for a distributed cloud storage environment since they were not originally constructed on interactive proof system. The existing schemes are using an authenticated skip list to check the integrity of file blocks adjacently in space. When a client asks for a file block, the server needs to send the file block along with a proof for the intactness of the block. However, this process incurs significant communication overhead in a multi-cloud environment, since the server in one cloud typically needs to generate such a proof with the help of other cloud storage services, where the adjacent blocks are stored. Due to lack of homomorphic responses, clients must invoke the PDP protocol repeatedly to check the integrity of file blocks stored in multiple cloud servers. Also, clients need to know the exact position of each file block in a multi-cloud environment. In addition, the verification process in such a case will lead to high communication overheads and computation costs at client sides as well. Therefore, it is of utmost necessity to design a cooperative PDP model to reduce the storage and network overheads and enhance the transparency of verification activities in cluster-based cloud storage systems. To establish a highly effective security model, it is necessary to analyze the PDP scheme within the framework of zero-knowledge proof system (ZKPS) due to the reason that PDP system is essentially an interactive proof system (IPS), which has been well studied in the cryptography community.
2.3 PROPOSED SYSTEM
To provide a low-cost, scalable, location independent platform for managing clients' data. In this paper we address the problem of provable data possession in distributed cloud environment from the following aspects: high security, transparent verification and high performance. To achieve these goals, we first propose a verification framework for multi-cloud storage along with two fundamental techniques: hash index hierarchy (HIH) and homomorphic verifiable response (HVR). We then demonstrate the possibility of constructing a cooperative PDP (CPDP) scheme without compromising data privacy based on modern cryptographic techniques, such as interactive proof system (IPS). We further introduce an effective construction of PDP scheme using above-mentioned structure. Moreover, we give a security analysis of our PDP scheme from the IPS model. We prove that this construction is a multi-prover zero-knowledge proof system (MP-ZKPS), which has completeness, knowledge soundness, and zero-knowledge properties. To improve the system performance with respect to our scheme, we analyze the performance of probabilistic queries for detecting abnormal situations. This probabilistic method also has an inherent benefit in reducing computation and communication overheads. Then, we present an efficient method for the selection of optimal parameter values to minimize the computation overheads of CSPs and the clients' operations. In addition, we analyze that our scheme is suitable for existing distributed cloud storage systems. Finally, our experiments show that our solution introduces very limited computation and communication overheads.
3. FEASIBILITY STUDY
The feasibility study is an evaluation and analysis of the potential of a proposed project. This is based on extensive investigation and research to support the process of decision making. It aims to objectively and rationally uncover the strengths and weaknesses of the proposed system, opportunities and threats present in the environment, the resources required to carry through, and ultimately the prospects for success. In its simplest terms, the two criteria to judge feasibility are cost required and value to be attained. The goal of feasibility study is to evaluate alternative systems and propose the most feasible and desirable systems of designing. Three types of feasibility study are:
1. Technical feasibility
2. Operational feasibility
3. Economical feasibility
3.1 TECHNICAL FEASIBILITY
The technical feasibility assessment is focused on gaining an understanding of the present technical resources of the organization and their applicability to the expected needs of the proposed system. It is an evaluation of the hardware and software and how it meets the need of the proposed system. As per the requirements of our project, it works on user-based systems like Windows. Since all the requirements are within the reach of modern technology we would say that the system is technically feasible.
implementations of the proposed system. The proposed system is not supposed to cause any harm to the user or the computer that is being used. The proposed system is safe and secure.
4. COST ESTIMATION
A cost estimate is the approximation of the cost of a project. The cost estimate is the product of the cost estimating process. Cost estimation is one of the important steps in project management. A cost estimate establishes the base line of the project cost at different stages of project development. Estimating method may vary by type and class of estimate. The proper documentation and review are also important in the process of cost estimation.
The cost estimation of the software is assessed on the basis of hardware, software and operational cost. Hardware cost includes the cost of personal computers with an internet connection. The software cost includes the cost of software required to run the system such as Visual Studio, Windows 7. Operational cost includes the cost associated with day to day operations like electricity.
5. REQUIREMENTS SPECIFICATION
The requirement specification includes functional and non-functional requirements. Functional requirements are supported by non-functional requirements (also known as quality requirements), which impose constraints on the design or implementation (such as performance requirements, security, or reliability). Generally, functional requirements are expressed in the form "system must do", while non-functional requirements are "system shall be". The plan for implementing functional requirements is detailed in the system design. The plan for implementing non-functional requirements is detailed in the system architecture.
The functional requirements include:
Public account sign up
Login
File upload
File download
Approval of users
Send notification
View users
Send feedback
AWH Engg. College
Used to gather requirements of a system. Used to get an outside view of a system. Identify external and internal factors influencing the system. Show the interaction among the requirements and actors.
6. SYSTEM SPECIFICATION
Operating system: Windows 7 or above
The tool used is IDE, Visual Studio with internet connection.
Front end: C#.net
Back end: SQL Server 2008
The technology used is .Net
Platform used: Microsoft Visual Studio 2010
Documentation: Microsoft Word 2007
Presentation: Microsoft PowerPoint 2012
application created for the Windows platform. Microsoft also produces an integrated development environment largely for .Net software called Visual Studio.
7. SYSTEM DESIGN
Systems design is the process of defining the architecture, components, modules, interfaces, and data for a system to satisfy specified requirements.
[Figure: system architecture. Labels: File, Third Party (TP), Cloud.]
When the user makes a request to view the uploaded file, the file id is transferred to all servers and the file blocks corresponding to the requested file id are transferred to the main server. The trusted third party combines the different file blocks and computes the new hash value. Now the old and new hash values are compared; if they match, the file will be displayed to the user after decryption. Otherwise an error message will be displayed.
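The retrieval check described above, as an added example that is not the project's code: ciphertext blocks are collected from every server, recombined in index order, and the recomputed tag is compared with the stored one before anything is decrypted. The `IntegrityDemo` class, the in-memory "servers", the round-robin block placement and the use of HMAC-SHA-256 in place of the page's MD5 (which is not collision resistant) are assumptions of this example; it targets .NET 6 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;

// Added example: every name here is hypothetical, not taken from the project.
public static class IntegrityDemo
{
    // Split the ciphertext into fixed-size blocks; block i is stored on server i % servers.
    public static List<SortedDictionary<int, byte[]>> Distribute(byte[] data, int servers, int blockSize)
    {
        var stores = Enumerable.Range(0, servers)
            .Select(_ => new SortedDictionary<int, byte[]>()).ToList();
        for (int i = 0, off = 0; off < data.Length; i++, off += blockSize)
        {
            int len = Math.Min(blockSize, data.Length - off);
            stores[i % servers][i] = data.Skip(off).Take(len).ToArray();
        }
        return stores;
    }

    // Trusted third party: gather all blocks, order them by block index, concatenate.
    public static byte[] Recombine(IEnumerable<SortedDictionary<int, byte[]>> stores)
    {
        return stores.SelectMany(s => s).OrderBy(kv => kv.Key)
            .SelectMany(kv => kv.Value).ToArray();
    }

    // Keyed tag over the ciphertext (HMAC-SHA-256 swapped in for the page's MD5).
    public static byte[] Tag(byte[] macKey, byte[] data)
    {
        using (var h = new HMACSHA256(macKey)) return h.ComputeHash(data);
    }

    // Old and new tags are compared in constant time; the caller decrypts only on true.
    public static bool Verify(byte[] macKey, byte[] storedTag, byte[] recombined)
    {
        return CryptographicOperations.FixedTimeEquals(storedTag, Tag(macKey, recombined));
    }

    public static void Main()
    {
        byte[] macKey = RandomNumberGenerator.GetBytes(32);        // held by the third party
        byte[] ciphertext = RandomNumberGenerator.GetBytes(1000);  // constructed stand-in for an encrypted file
        byte[] storedTag = Tag(macKey, ciphertext);                // recorded at upload time

        var stores = Distribute(ciphertext, servers: 3, blockSize: 128);
        Console.WriteLine("intact:   " + Verify(macKey, storedTag, Recombine(stores)));

        stores[1][4][0] ^= 0x01;  // block 4 (held by server 1) comes back modified
        Console.WriteLine("tampered: " + Verify(macKey, storedTag, Recombine(stores)));
    }
}
```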
7.3.1 RIJNDAEL ALGORITHM
The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES is based on the Rijndael cipher developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, who submitted a proposal to NIST during the AES selection process. Rijndael is a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits. AES has been adopted by the U.S. government and is now used worldwide. It supersedes the Data Encryption Standard (DES), which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data. The name Rijndael is a play on the names of the two inventors (Joan Daemen and Vincent Rijmen).
1. KeyExpansion: round keys are derived from the cipher key using Rijndael's key schedule. AES requires a separate 128-bit round key block for each round plus one more.
2. InitialRound
   1. AddRoundKey: each byte of the state is combined with a block of the round key using bitwise xor.
3. Rounds
   1. SubBytes: a non-linear substitution step where each byte is replaced with another according to a lookup table.
   2. ShiftRows: a transposition step where the last three rows of the state are shifted cyclically a certain number of steps.
   3. MixColumns: a mixing operation which operates on the columns of the state, combining the four bytes in each column.
   4. AddRoundKey
4. Final round (no MixColumns): SubBytes, ShiftRows, AddRoundKey.
7.3.2 MD5
The MD5 message-digest algorithm is a widely used cryptographic hash function producing a 128-bit (16-byte) hash value, typically expressed in text format as a 32 digit hexadecimal number. MD5 has been utilized in a wide variety of cryptographic applications, and is also commonly used to verify data integrity. MD5 was designed by Ron Rivest in 1991 to replace an earlier hash function, MD4.
7.3.2.1 ALGORITHM:
MD5 processes a variable-length message into a fixed-length output of 128 bits. The input message is broken up into chunks of 512-bit blocks (sixteen 32-bit words); the message is padded so that its length is divisible by 512. The padding works as follows: first a single bit, 1, is appended to the end of the message. This is followed by as many zeros as are required to bring the length of the message up to 64 bits fewer than a multiple of 512. The remaining bits are filled up with 64 bits representing the length of the original message, modulo 2^64.
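The padding rule above, worked through as an added example (not code from the project). It covers the boundary case the paragraph implies: a 55-byte message still fits one 512-bit block, while a 56-byte message needs a second block. The class and method names are hypothetical, and the little-endian byte order of the length field comes from the MD5 specification rather than from this page.

```csharp
using System;

// Added example: names are hypothetical.
public static class Md5PaddingDemo
{
    // Returns the message followed by MD5 padding:
    //   1. a single 1 bit (the byte 0x80),
    //   2. zero bytes until the length is 56 mod 64 bytes (64 bits short of a 512-bit multiple),
    //   3. the original length in bits as a 64-bit little-endian integer.
    public static byte[] Pad(byte[] message)
    {
        int zeros = (55 - message.Length % 64 + 64) % 64;
        byte[] padded = new byte[message.Length + 1 + zeros + 8];
        Buffer.BlockCopy(message, 0, padded, 0, message.Length);
        padded[message.Length] = 0x80;

        // ulong arithmetic wraps, which is the "modulo 2^64" in the description.
        ulong bitLength = unchecked((ulong)message.Length * 8UL);
        for (int i = 0; i < 8; i++)
            padded[padded.Length - 8 + i] = (byte)(bitLength >> (8 * i));
        return padded;
    }

    public static void Main()
    {
        // Constructed message lengths in bytes, chosen around the block boundary.
        foreach (int n in new[] { 0, 3, 55, 56, 64 })
        {
            byte[] padded = Pad(new byte[n]);
            if (padded.Length % 64 != 0)
                throw new InvalidOperationException("padded length is not a multiple of 512 bits");
            Console.WriteLine("{0,3} bytes -> {1,3} bytes, {2} block(s)",
                n, padded.Length, padded.Length / 64);
        }
    }
}
```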
[Figures: data flow diagrams. Legend: function, input/output, data flow. Level 0; Level 1 (User); Level 1 (Admin); Level 1 (Public).]
7.6 ER DIAGRAM
In software engineering, an entity-relationship model (ER model) is a data model for describing the data or information aspects of a business domain or its process requirements, in an abstract way that lends itself to ultimately being implemented in a database such as a relational database. The main components of ER models are entities (things) and the relationships that can exist among them. The process is modelled as components (entities) that are linked with each other by relationships that express the dependencies and requirements between them. Entities may have various properties (attributes) that characterize them. Diagrams created to represent these entities, attributes, and relationships graphically are called entity-relationship diagrams.
INFORMATION:
ENTITY: A data entity is anything real or abstract about which we want to store data. Entity types fall into five classes: roles, events, locations, tangible things or concepts. E.g. employee, payment, campus, book. Specific examples of an entity are called INSTANCES. E.g. the employee John Jones, Mary Smith's payment, etc.
RELATIONSHIP: A data relationship is a natural association that exists between one or more entities. E.g. Employees process payments.
CARDINALITY: defines the number of occurrences of one entity for a single occurrence of the related entity. E.g. an employee may process many payments but might not process any payments depending on the nature of her job.
ATTRIBUTE: A data attribute is a characteristic common to all or most instances of a particular entity. Synonyms include property, data element, field. E.g. Name, address, Employee Number, pay rate are all attributes of the entity employee. An attribute or combination of attributes that uniquely identifies one and only one instance of an entity is called a PRIMARY KEY or IDENTIFIER. E.g. Employee Number is a primary key for Employee.
USER REGISTRATION TABLE
FIELD | DATA TYPE | DESCRIPTION | CONSTRAINTS
User id | Int | Unique number | Primary Key
First name | Varchar | Name of user |
Last name | Varchar | Name of user |
Gender | Varchar | Male/Female |
Email id | Varchar | Mail id of user |
Date of birth | Datetime | DOB of user |
Phone no | Big int | Phn no of user |
Country | Varchar | Country of user |
User name | Varchar | Used for login |
Security Qustn | Varchar | For security |
Answer | Varchar | For security |
Notification Table
DESCRIPTION: Unique no. for notification; Subject of message; Message from admin; Name of file
Feedback table
FIELD | DATA TYPE | DESCRIPTION | CONSTRAINTS
Primary Key
File Log table
Dept. of Computer Science & Engg, AWH Engg. College
[Screenshots: Login form; Admin - manage user; Admin - send notification; User send feedback; User file download.]
8. IMPLEMENTATION
The implementation of the project includes the code of the project and screenshots.
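```csharp
    // (The start of the dbop helper class, including the ret and nonret methods
    //  called by the pages below, is not part of this extract.)
    }

    // Runs a scalar query such as "select max(fileid) ..." and returns the result plus one.
    // Any failure, including an empty table, yields 1.
    public int max(string a)
    {
        SqlCommand cmd = new SqlCommand();
        cmd.Connection = cn;
        cmd.CommandText = a;
        int mxid;
        cn.Open();
        try
        {
            mxid = Convert.ToInt32(cmd.ExecuteScalar().ToString()) + 1;
        }
        catch
        {
            mxid = 1;
        }
        finally
        {
            cn.Close();
        }
        return mxid;
    }
}
```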
Download
```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Net;
using System.Security;
using System.Security.Cryptography;

public partial class Default4 : System.Web.UI.Page
{
    string s;
    dbop d = new dbop();

    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            MultiView1.SetActiveView(View1);
        }
    }

    protected void DataGrid1_SelectedIndexChanged(object sender, EventArgs e)
    {
    }

    // Search the current user's files by name.
    // The query text is built by concatenating the session value and the text box content.
    protected void Button1_Click(object sender, EventArgs e)
    {
        s = "select * from [file table] where ownerid= " + Session["uid"] + " and filename like '%" + TextBox1.Text + "%'";
        DataTable dt = new DataTable();
        dt = d.ret(s);
        DataGrid1.DataSource = dt;
        DataGrid1.DataBind();
    }

    // Fetch the selected file through the ttp service, then load its key and stored hash.
    protected void DataGrid1_ItemCommand(object source, DataGridCommandEventArgs e)
    {
        if (e.CommandName == "view")
        {
            string y = e.Item.Cells[5].Text;
            Session["k"] = y;
        }
        MultiView1.SetActiveView(View2);
        string k = e.Item.Cells[0].Text;
        ttp1.ttp s = new ttp1.ttp();
        byte[] j = s.file_download(k);
        Session["msg"] = j;
        string ms = System.Text.Encoding.ASCII.GetString(j);
        // TextBox3.Text = ms;
        string r = "select [key],hashvalue from [file table] where fileid=" + e.Item.Cells[0].Text + "";
        DataTable dt = new DataTable();
        dt = d.ret(r);
        TextBox4.Text = dt.Rows[0][0].ToString();
        Session["hsh"] = dt.Rows[0][1].ToString();
    }

    protected void TextBox2_TextChanged(object sender, EventArgs e)
    {
    }

    protected void TextBox4_TextChanged(object sender, EventArgs e)
    {
    }

    protected void Button2_Click(object sender, EventArgs e)
    {
    }

    // Recompute the MD5 hash of the downloaded ciphertext and decrypt only if it
    // equals the hash stored at upload time.
    protected void Button3_Click(object sender, EventArgs e)
    {
        string k = Session["k"].ToString();
        byte[] f = new byte[24];
        f = Convert.FromBase64String(k);
        DESclass l = new DESclass();
        l.key = f;
        byte[] lk = (byte[])Session["msg"];
        byte[] oldhsh = Convert.FromBase64String(Session["hsh"].ToString());
        MD5CryptoServiceProvider md = new MD5CryptoServiceProvider();
        byte[] c = md.ComputeHash(lk);
        string msg = "";  // declared before the if so it is in scope for the assignment below
        if (Convert.ToBase64String(oldhsh) == Convert.ToBase64String(c))
        {
            l.iv = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0 };
            msg = l.DecryptStringFromBytes(lk, l.key, l.iv);
        }
        else
        {
        }
        TextBox5.Text = msg;
    }
}
```
Upload
```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Security.Cryptography;
using System.Security;

public partial class Default4 : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            MultiView1.SetActiveView(View1);
            b = "select * from [file table] where ownerid=" + Session["uid"] + "";
            dt = d.ret(b);
            DataGrid1.DataSource = dt;
            DataGrid1.DataBind();
        }
    }

    DataTable dt = new DataTable();
    dbop d = new dbop();
    string b = "";

    // Encrypt the uploaded file, hash the ciphertext, record both in the file table
    // and hand the ciphertext to the ttp service.
    protected void Button1_Click(object sender, EventArgs e)
    {
        if (CheckBox1.Checked == true)
        {
            b = b + CheckBox1.Text;
        }
        else
        {
            b = "null";
        }
        byte[] a = FileUpload1.FileBytes;

        // ASCII decoding is lossy for bytes above 0x7F, so only plain-text files survive this step.
        string d1;
        d1 = System.Text.Encoding.ASCII.GetString(a);
        DESclass m = new DESclass();
        m.keygen();
        string key, iv;
        key = Convert.ToBase64String(m.key);
        iv = Convert.ToBase64String(m.iv);  // computed here but not written to the file table
        byte[] j = m.EncryptStringToBytes(d1, m.key, m.iv);

        MD5CryptoServiceProvider md = new MD5CryptoServiceProvider();
        byte[] hsh = md.ComputeHash(j);
        string strhsh = Convert.ToBase64String(hsh);
        // The insert statement is built by concatenating form and session values.
        string s = "insert into [file table] values(" + TextBox1.Text + "," + Session["uid"].ToString() + ",'" + FileUpload1.FileName + "'," + TextBox2.Text + ",'type','" + key + "','" + strhsh + "','" + b + "')";
        d.nonret(s);
        ttp1.ttp k = new ttp1.ttp();
        k.file_upload(j, TextBox1.Text);
        if (CheckBox1.Checked == true)
        {
            b = b + CheckBox1.Text;
        }
        else
        {
            b = "null";
        }
    }

    // Prepare the upload form: next file id and today's date.
    protected void Button2_Click(object sender, EventArgs e)
    {
        MultiView1.SetActiveView(View2);
        string c = "select max(fileid) from [file table]";
        TextBox1.Text = d.max(c).ToString();
        TextBox2.Text = System.DateTime.Now.ToShortDateString();
    }

    protected void DataGrid1_SelectedIndexChanged(object sender, EventArgs e)
    {
    }
}
```
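The search and insert statements in the Download and Upload code above are assembled by string concatenation, so text typed into a text box or taken from a file name becomes part of the SQL statement itself. The same two statements as parameterized commands, as an added example that is not the project's code: the class name, parameter names, column sizes and the sample file name are assumptions, only the column order of the insert is taken from the page, and `System.Data.SqlClient` is a NuGet package on current .NET.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Added example: names and column sizes are hypothetical.
public static class FileTableQueries
{
    // Concatenated form, as on the page: a quote in 'name' ends the string literal early.
    public static string ConcatenatedSearch(string ownerId, string name)
    {
        return "select * from [file table] where ownerid= " + ownerId +
               " and filename like '%" + name + "%'";
    }

    // LIKE wildcards typed by the user are data too; bracket them so they match literally.
    public static string EscapeLike(string s)
    {
        return s.Replace("[", "[[]").Replace("%", "[%]").Replace("_", "[_]");
    }

    // Parameterized form: the statement text is constant and values travel as typed parameters.
    public static SqlCommand ParameterizedSearch(int ownerId, string name)
    {
        var cmd = new SqlCommand(
            "select * from [file table] where ownerid = @owner and filename like @pattern");
        cmd.Parameters.Add("@owner", SqlDbType.Int).Value = ownerId;
        cmd.Parameters.Add("@pattern", SqlDbType.VarChar, 255).Value = "%" + EscapeLike(name) + "%";
        return cmd;
    }

    // Insert with the same column order as the page's statement.
    public static SqlCommand ParameterizedInsert(int fileId, int ownerId, string fileName,
        DateTime uploaded, string keyB64, string hashB64, string shareFlag)
    {
        var cmd = new SqlCommand(
            "insert into [file table] values " +
            "(@fileid, @owner, @name, @uploaded, @type, @key, @hash, @share)");
        cmd.Parameters.Add("@fileid", SqlDbType.Int).Value = fileId;
        cmd.Parameters.Add("@owner", SqlDbType.Int).Value = ownerId;
        cmd.Parameters.Add("@name", SqlDbType.VarChar, 255).Value = fileName;
        cmd.Parameters.Add("@uploaded", SqlDbType.DateTime).Value = uploaded;
        cmd.Parameters.Add("@type", SqlDbType.VarChar, 50).Value = "type";
        cmd.Parameters.Add("@key", SqlDbType.VarChar, 64).Value = keyB64;
        cmd.Parameters.Add("@hash", SqlDbType.VarChar, 64).Value = hashB64;
        cmd.Parameters.Add("@share", SqlDbType.VarChar, 50).Value = shareFlag;
        return cmd;
    }

    public static void Main()
    {
        string name = "O'Neil report";  // constructed input containing a quote

        // The quote changes the shape of the concatenated statement.
        Console.WriteLine(ConcatenatedSearch("7", name));

        // The parameterized statement text does not depend on the input at all.
        SqlCommand cmd = ParameterizedSearch(7, name);
        Console.WriteLine(cmd.CommandText);
        foreach (SqlParameter p in cmd.Parameters)
            Console.WriteLine("  " + p.ParameterName + " = " + p.Value);
    }
}
```

Assign `cmd.Connection` before executing; the commands are built without a connection here so the example runs without a database.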
9. TESTING
9.1 UNIT TESTING
In computer programming, unit testing is a method by which individual units of source code, sets of one or more computer program modules together with associated control data, user procedure and operating procedure, are tested to determine if they are fit to use. Intuitively, one can view a unit as the smallest testable part of an application.
9.3 SYSTEM TESTING
After performing the integration testing, the next step is output testing of the proposed system. No system could be useful if it doesn't produce the required output in a specific format. The output generated is displayed by the system under consideration and then tested by comparing with the format required by the user. Here the output format is considered in two ways, one on-screen and the other in printed format.
10. CONCLUSION
In this paper, we presented the construction of an efficient PDP scheme for distributed cloud storage. Based on homomorphic verifiable response and hash index hierarchy, we have proposed a cooperative PDP scheme to support dynamic scalability on multiple storage servers. We also showed that our scheme provided all security properties required by zero knowledge interactive proof system, so that it can resist various attacks. Our experiments clearly demonstrated that our approaches only introduce a small amount of computation and communication overheads. Therefore, our solution can be treated as a new candidate for data integrity verification in outsourcing data storage systems.
constructions. First, from our experiments we found that the performance of PDP scheme, especially for large files, is affected due to its high complexity. Next, from a practical point of view, we still need to address some issues about integrating our PDP scheme smoothly with existing systems,
12. REFERENCES
13. GLOSSARY
Co-operative PDP: Two or more PDP schemes which work co-operatively.
Cloud Service Provider: Different services that provide cloud computing environment.
Multi-cloud: more than one cloud computing environments combined together.
PDP: provable data possession scheme to prove the integrity of data to user.