Professional Documents
Culture Documents
Abstract..ii
Acknowledgement.iv
Contents..v
List of Tables........vii
List of Figures.....viii
1 Introduction...1
1.1 Essential Characteristics........3
1.2 Deployment Models..4
1.3 Architecture...6
1.4 Benefits of Cloud Architecture.7
1.5 Examples of Cloud Architecture..8
2 Related Work..11
2.1 Comparison of Different Techniques..12
iv
3Requirements16
3.1 SoapUI...16
3.2 Mule Studio...17
3.3 Eclipse....18
4 Infrastructure..20
4.1 Registration Process.....21
4.2 Upload Process.....22
4.3 Retrieval Process..24
5Implementation Plan...28
6Analysis.....30
7Conclusion and Future Work.....31
7.1 Conclusion.31
7.2 Future Work.31
8 References.32
9Appendix35
List of Tables
Table 1.1 .Multi-layer security10
Table 2.1 System requirements12
Table 2.2 .Comparison of different techniques15
List of Figures
Figure 1-1 Internet as a Cloud 1
Figure 1-2 Deployment models in cloud computing.. 5
Figure 1-3 Basic cloud architecture.6
Figure 4-1 Infrastructure of the proposed method.20
Figure 4-2 Relationship Diagram for Registration Request...21
Figure 4-3 Relationship Diagram for Upload Process22
Figure 4-4 Flow in Upload Process.23
Figure 4-5 Relationship Diagram for Retrieval Process..24
Figure 4-6 Flow in Retrieval of Data Process..25
Chapter 1
Introduction
Cloud computing is an emerging paradigm in the field of Information Technology and it
is here to stay and serve rest of the future. As it has become a global phenomenon, a lot of
companies have joined the bandwagon of cloud computing. A model for enabling convenient,
on-demand network access to a shared pool of configurable computing resources, (e.g.,
networks, servers, storage, applications, and services) that can be rapidly provisioned and
released with minimal management effort or service provider interaction. [21]
g
n
t
e
Figure 1-1: Internet as a cloud
r
n
e
Now, the question
posed by renowned IT gurus is how far can one go with cloud i.e., trust and
t
a
security of the scloud are being questioned. In a cloud computing environment, the equipment
a
C
used for business
operations can be leased from a single service provider along with the
l
o
application, andu the related business data can be stored on equipment provided by the same
d
serviceprovider. [4] This type of arrangement can help a company save on hardware and
1
software infrastructure costs, but storing the companys data on the service providers equipment
raises the possibility that important business information may be improperly disclosed to others.
There have been quite a number of security measures implemented in the cloud. These security
measures have their own pros and cons. There have been a few security measures with respect to
encryption. But the question is who has the control over encryption and decryption keys?
Logically the control should be with the customer.
Client: The devices that we use to access the applications in cloud computing are the clients. The
client consists of hardware and/or computer software that rely on cloud computing for access to
application and is useless without it. Some examples of client may include laptops, phones and
tablets.
Server: This layer consists of computer hardware and computer software products that are
specifically designed for delivery of cloud services.
Infrastructure: This is one among the services of cloud computing, also known as
infrastructure as a service (IaaS). This is typically a platform virtualization environment that
allows us for raw storage and networking. This service allows the client to outsource the service
instead of purchasing servers, software, data-center space or network equipment. This concept is
based on utility computing basis; the amount of resources utilized will reflect the level of
activity.
Application:This service allows the user to eliminate maintenance of hardware and software by
allowing him to access the application over internet. By this process the user doesnt require to
install the application on customers own computer. This service model is also known as
software as a service.
Platform:This service facilitates deployment of applications without the cost and complexity of
buying and managing the underlying hardware and software layers. This service model is also
known as platform as a service (PaaS).
Rapid elasticity: Capabilities can be rapidly and elastically provisioned to quickly scale out and
rapidly released to quickly scale in. Capabilities available for provisioning often appear to be
unlimited to the consumer and can be purchased in any quantity at any time.
Measured Service: Automatic control and optimize use of resources by leveraging a metering
capability at some level of abstraction, appropriate to the type of service (e.g., storage,
processing, bandwidth, and active user accounts).
Private cloud - private cloud infrastructure is owned by a single organization. This allows
the user to avoid the criticism of buying, building and managing the software application
that he is working on. E.g., Amazon VPC, VMware Cloud.
Hybrid cloud -This infrastructure is a combination of two or more clouds i.e. private,
public or community. These clouds remain unique but are bound together by standardized
technology that enables application and data portability. An example for hybrid cloud
would be cloud-bursting (load balancing between clouds). E.g., Windows Azure,
VMWare vCloud.
Public
Private
Hybrid
Community
2 or more clouds
Common technology
Windows Azure, VMWare
vCloud
Single Organization
Location?
Managed by?
Amazon VPC, VMWare Cloud
Several Organizations
Location?
Managed by?
Google App, IBM Smart
Cloud
1.3 Architecture
Cloud architecture, the systems architecture of the software systems involved in the delivery of
cloud computing, typically involves multiple cloud components communicating with each other
over a loose coupling mechanism such as a messaging queue. Sample architecture is shown in
the diagram below.
accessible services that scale on-demand, that are industrial-strength, where the complex
reliability and scalability logic of the underlying services remains implemented and hidden
inside-the-cloud. The usage of resources in Cloud Architectures is as needed, sometimes
ephemeral or seasonal, thereby providing the highest utilization and optimum bang for the buck.
Almost zero upfront infrastructure investment: If you have to build a large-scale system it
may cost a fortune to invest in real estate, hardware (racks, machines, routers, backup
power supplies), hardware management (power management, cooling), and operations
personnel. Because of the upfront costs, it would typically need several rounds of
management approvals before the project could even get started. Now, with utility-style
computing, there is no fixed cost or startup cost.
ii.
Just-in-time Infrastructure: In the past, if you got famous and your systems or your
infrastructure did not scale you became a victim of your own success. Conversely, if you
invested heavily and did not get famous, you became a victim of your failure. By
deploying applications in-the-cloud with dynamic capacity management software
architects do not have to worry about pre-procuring capacity for large-scale systems. The
solutions are low risk because you scale only as you grow. Cloud Architectures can
relinquish infrastructure as quickly as you got them in the first place (in minutes).
iii.
More efficient resource utilization: System administrators usually worry about hardware
procuring (when they run out of capacity) and better infrastructure utilization (when they
have excess and idle capacity). With Cloud Architectures they can manage resources
more effectively and efficiently by having the applications request and relinquish
resources only what they need (on-demand).
iv.
Usage-based costing: Utility-style pricing allows billing the customer only for the
infrastructure that has been used. The customer is not liable for the entire infrastructure
that may be in place. This is a subtle difference between desktop applications and web
applications. A desktop application or a traditional client-server application runs on
customers own infrastructure (PC or server), whereas in a Cloud Architectures
application, the customer uses a third party infrastructure and gets billed only for the
fraction of it that was used.
v.
Potential for shrinking the processing time: Parallelization is the one of the great ways to
speed up processing. If one compute-intensive or data-intensive job that can be run in
parallel takes 500 hours to process on one machine, with Cloud Architectures, it would be
possible to spawn and launch 500 instances and process the same job in 1 hour. Having
available an elastic infrastructure provides the application with the ability to exploit
parallelization in a cost-effective.
Processing Pipelines
Automated Unit Testing and Deployment Testing Test and deploy and perform
automated unit testing (functional, load, quality) on different deployment
configurations every night
Websites
Seasonal Websites - websites that only run during the tax season or the holiday
season (Black Friday or Christmas).
Security in cloud computing must be provided in each and every layer. The table below depicts
the security needed in a cloud.
Application Layer
Identify management,
authorization, auditing
Data encryption, backup,
Data Layer
recovery
System Layer
Network Layer
Chapter 2
Related Work
There have been a few security measures with respect to encryption. But the question is who has
the control over encryption and decryption keys? Logically the control should be with the
customer.
Software as a service layer of the cloud computing would be the best option for method
described in this project. As software needs are to be addressed even after handing it over to a
client, one has control over it. Software as a service also known as on demand service is hosted
on the internet. So, one need not install and run the required software all the time and just use it
as per the requirements. This service is cost effective .This is an emerging trend in the
information technology. Undoubtedly, this trend has a great potential in the near future as it
provides computing in an easy and efficient manner with low cost. This trend is ever growing
due to its cost effective way of sharing large amount of information anywhere in the world. As
the demand for cloud computing is sky high there is a serious issue of security. In order to ensure
security in cloud computing the cloud provider must guarantee the customer with eminent
security measures. There have been a number of encryption mechanism used for security in
cloud computing. But each of them failed to provide control to the customer. So, a technique
using encryption is proposed in this project which provides control to the customer. The
user/customer has the maximum control of the data here. The major part of encryption and
decryption is done at the user level which is the motive of this project.
Confidentiality
Integrity
File Sharing
Key-Revocation
Access Control
techniques. This approach simplifies validation of digital signatures and enables certificate
revocation within legacy systems. [15]
Encryption scheme using Residue Number System (RNS). In this scheme, a secret is split into
multiple shares on which computations can be performed independently. Security is enhanced by
not allowing the independent clouds to collude. Efficiency is achieved through the use of smaller
shares. [3]
Technique
Description
Benefits
Usability Issues
Cloud Key
CKMIs introduction
Complexity of
Management
encryption management
(CKMI)[1]
encryption
is reduced and
management
involves more
complexity by
customization. In case of
building
interoperability into
cannot implement
environment.[1]
RSA encryption
A digital signatureor
algorithm with
digitalsignature
digital
schemeis a
signature[2]
mathematical
makes it secure.
key(s).
scheme for
demonstrating the
authenticity of a
digital message or
document.[2]
Homomorphic
Security is enhanced
A secret is split in to
encryption
scheme using
independent clouds to
computations on each
residue number
collude. Efficiency is
System) for
system[3]
independently. There is
homomorphic
use of smaller
shares.[3]
hence security is
like confidentiality,
enhanced.
YI cloud[6]
cloud.[6]
is fixed in YI cloud.
A Generic
It is a generic scheme
Scheme for
to enable fine-grained
advantages as it makes
Secure Data
use of attribute-
Sharing in
based/predicate
There is no mechanism to
Cloud[5]
require key-
re-encryption.
re-encryption.[5]
Table 2.2: Comparison of different techniques
user.
Chapter 3
Requirements
3.1 SoapUI
SoapUI is a free and open source cross-platform Functional Testing solution. With an easy-touse graphical interface, and enterprise-class features, SoapUI allows you to easily and rapidly
create and execute automated functional, regression, compliance, and load tests. In a single test
environment, SoapUI provides complete test coverage and supports all the standard protocols
and technologies. There are simply no limits to what you can do with your tests.
Features of SoapUI [19]:
Functional Testing -Automated Functional and Regression Testing. Powerful and
innovative features help to validate and improve the quality of the services and
applications.
Service Simulation -SoapUI Mock Services let you mimic and create robust tests against
Web Services before they are implemented.
Security Testing -Using a complement of tests and scans, protect the services on
websites against the most common security vulnerabilities.
Load Testing -SoapUI lets you create even the most advanced Load Tests quickly and
easily.
Technology Support -Loaded with advanced technologies, SoapUI provides support for
all the common protocols and standards.
Automation -SoapUI packs advanced end-to-end automation features, allowing the user
to dramatically reduce labor costs and improve your time-to-market.
Analytics -With powerful and integrated analytics, SoapUI Pro makes your testing faster
than ever and saves countless hours.
Recording -Built from the ground up to offer advanced recording capabilities, SoapUI
records, monitors and displays all the data that is sent and received between a client, such
as your web browser, and a server.
Ecosystem -A big part of what makes SoapUI great is the universe of the open source
community and partners around it, who have accelerated the pace of innovation on
SoapUI.
Role of SoapUI in this project: SoapUI acts as a client in this project.
Service Mediation - Business logic is separated from protocols and message formats for
rapid, nimble development and long-term flexibility.
Message Routing - Messages can be routed based on content or complex rules and
filtered, aggregated, or re-sequenced as required.
Data Transformation - Data can be transformed to and from virtually any format across
heterogeneous transport protocols and data types and incomplete messages can enhanced
through data retrieval. In addition, message payload can be encrypted, compressed or
encoded to ensure security.
Service Creation & Hosting - Functionality in any endpoint can be exposed as a service
and organized into an efficient, unified, standards-based architecture. Existing services
can be hosted as lightweight service containers.
3.3 Eclipse
The Eclipse Software Development Kit (SDK) contains everything you need to build Java
applications. Considered by many to be the best Java development tool available, the Eclipse
Java Development Tools (JDT) provides superior Java editing with on-the-fly validation,
incremental compilation, cross-referencing, code assist and much more. [20]
The new Eclipse 3.2 release features some exciting new capabilities, including:
Java 6 support
Refactoring scripts
Support for Mac OSX on Intel and preview support for Windows Vista
Chapter 4
Infrastructure
Cloud Storage
(S3 Storage)
Client Worstation
Third Party
Services
DB Instance
at Cloud
The figure above depicts the infrastructure of the proposed method. The communication among
the key components of client workstation, third party services and the amazon cloud storage is
vital in this method. Here, the client is the SoapUI, third party server is the Mule Studio and the
cloud is Amazon S3. The structure of the method is clearly shown in the above figure. The flow
of the method and the structure of each component is discussed in the following pages of this
document.
1 Registration Request
1:* Registration
Information
Encrypted Key
Registration Service
User Key (First Half)
Response
5
Status
4
Server Key
User
Server Key
Percistance
Java Custom
Component
(Generate Key
and Splitter)
File
Encrypt the
data using
User Key
Prepare
Service
Request
Upload Document
Service Req
Upload Document
Service
5
Status
Upload
Document
User
Encrypted Content
Java Custom
Component
(Get the content
and encrypt the
data using server
key)
- Second
Encryption
Phase
Upload
User
Registration
Third Party
Services
Registration
Cloud
Phase
Account Setup
The upload process in the proposed method is shown in the above figure. Firstly, registration is
done by providing details as first name, last name, email Id. Then, the user uploads the file by
encrypting it with the first half of the key. This is sent to the third party services and the content
is again encrypted with the second half key. Now, the file is uploaded in to the cloud.
4.3 RetrievalProcess
1
Get Document By Doc Name
Get Content By S3
KEY
Document Service
Store the
data in file
or view
Response
5
Server
Decrypted
Content
User
ted
ten
Server
Encrypted
Content
En
p
cr y
n
Co
Amazon S3
Java Custom
Component
(Retrieve Server
Key
Decrypt Content
using server Key)
Retrieve Data
Cloud
Third Party
Services
User
Phase
Receive the
encrypted data
Data Retrieval
The process for the retrieval of data is shown in the above figure. The user will initiate the
retrieval of the file. Retrieval is done by calling the service with filename and the user
information. The user will call the third party service for validation. After validation, the third
party service will get the second part of the key and call the cloud service to retrieve the data.
Third party service will decrypt the data using the second part of the key and return the data to
the user. Here, the data is only half decrypted. Now, the user receives the encrypted (half
decrypted) data and decrypts the data using the first half of the key. Thus, we get the original
data.
What if the second part of the key is made using the first key?
The second part of the key cannot be made using the first key. The two keys are not symmetrical.
Keys are generated in a random manner and even if the same file is used again for storage in the
cloud another key is generated and is not at all related to the old key.
Chapter 5
Implementation Plan
Requirements for the implementation:
Client - SoapUI
Server (Third party) - Mule Studio
Cloud Amazon S3
The first step in the implementation of this project is to run the mule studio. Mule studio
(Third party server) should be up and running to start the implementation.
Then, the registration request in SoapUI is used for the user to register. User credentials
like username email ID, first name and last name are needed here. Now, the SoapUI
request with the user credentials is executed. A token is generated here.
This token is taken and pasted in the TestRead.java in the eclipse. The path of the file to
be stored is also given here. This program is executed as a java application. The output o
this program is the encryption key. By using this encryption key, the data file is
encrypted. This key is pasted in the content of the upload request in the SoapUI. This
request is executed and there will be a response indicating that the file is uploaded. Now,
if the user wants the file back, the Get document request in the SoapUI is used. Here, the
File name to be retrieved is given and a document ID(any random number) should be
provided. This request is executed and a key is generated. This key is the decryption key.
This key along with the first token generated are pasted in the DecryptContent.java in
the eclipse and this program is executed. Now, the original data is obtained. This proves
that the encryption and decryption keys are in working state and the encryption and
decryption of data is possible in this method. Now, in order to make sure that the file is
stored in an encrypted format, we have to take a look at the Amazon S3 cloud where
there is a bucket created namely tejatest. Here, we have the file stored in an encrypted
format. Hence, the proposed method is up and running. The flow of the method is shown
in the appendix as screen shots.
Chapter 6
Analysis
Security is the first priority in any method. In order to ensure the security of the data to be stored
in the cloud, we use two step encryption and decryption. The data in the cloud is stored in
encrypted format. So, even if a malicious user gets access to the data, he/she cannot get the
original data. The keys used in this method for encryption and decryption are not symmetrical, so
even if the malicious users get hold of one key, they cannot generate the other key and hence
cannot get the original data.
Firstly, the data with the user is encrypted and sent to a third party. Here, it is again encrypted
and stored in the cloud. This way the data is secure in the cloud.
Decryption is also done in a two-step process to ensure security of the data. A retrieval request is
sent to the cloud by the third party. This request is sent when the user initiates the file retrieval.
The user receives the half decrypted data from the third party and the second level of decryption
is done at the user side. Hence, the user has the original data. The data stored in the cloud is on
Amazon S3 and it is in encrypted form.
Thus, it is proven that the mechanism works.
Chapter 7
Conclusion and Future Work
7.1 Conclusion
Security is the key aspect in any method and this aspect has been primarily focused in this
method. Encryption at two levels ensures that the data is safe and secure and more importantly
its the user who has the original data. The logical control over the data is with the user. There is
no way that the third party server or the cloud can get access to the original data. So, this method
will be of good use in the coming future of cloud computing security.
References
[1] Research on Key Management Infrastructure in Cloud Computing Environment: Sun Lei, Dai
Zishan, Guo Jindi.
[2]Implementing Digital Signature with RSA Encryption Algorithm to Enhance the Data
Security of Cloud in cloud computing: Uma Somani, Kanika Lakhani, Manish Mundra.
[3] HORNS: A Homomorphic Encryption Scheme for Cloud Computing using Residue Number
System. Mahadevan Gomathisankaran, Akhilesh Tyagi, Kamesh Namuduri.
[4] A Business Model for Cloud Computing Based on a Separate Encryption and Decryption
Service: Jing-Jang Hwang and Hung-Kai Chuang, Yi-Chang Hsu and Chien-Hsing Wu.
[5] A Generic Scheme for Secure Data Sharing in Cloud: Yanjiang Yang, Youcheng Zhang.
[6] YI Cloud: Improving user privacy with secret key recovery in cloud storage. Zheng
Huang,Qiang Li,Dong Zheng,Kefei Chen, XiangXue Li.
[7] Cloud Computing Security: From Single to Multi Clouds Mohammed A. AlZain #, Eric
Pardede #, Ben Soh #, James A. Thom* # Department of Computer Science and Computer
Engineering.
[8] Cloud Computing Security Challenges and Methods to Remotely Augment A Clouds
Security Posture Robert E. Johnson, III Cimcor, Inc.
[9] Implementing Digital Signature with RSA Encryption Algorithm to Enhance the Data
Security of Cloud in Cloud Computing #1 Uma Somani, #2 Kanika Lakhani, #3 Manish
Mundra.
[10]Analysis and Research about Cloud Computing Security Protect Yin Hu Network center
Huang gang normal university Huang gang, China e-mail: huyin @hgnu.edu.cn Haoyong Lv
Network center Huang gang normal university Huang gang.
[11] Cloud Hooks: Security and Privacy Issues in Cloud Computing Wayne A. Jansen, NIST.
[12] An architecture based on proactive model for security in cloud computing Prashant
Srivastava1, Satyam Singh2, Ashwin Alfred Pinto3, Shvetank Verma4, Vijay K. Chaurasiya5,
Rahul Gupta 6 MBA & MS-CLIS Division, IIIT-Allahabad, India.
[13] Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing
Shucheng Yu_, Cong Wang, Kui Ren, and Wenjing Lou_Dept. of ECE, Worcester
Polytechnic Institute, Email: {yscheng, wjlou}@ece.wpi.edu Dept. of ECE, Illinois Institute of
Technology, Email: {cong, kren}@ece.iit.edu
[14] A Benchmark of Transparent Data Encryption for Migration of Web Applications in the
Cloud. Ji Hu SAP Research Center Karlsruhe, Germany ji.hu@sap.com Andreas Klein SAP
Research Center Karlsruhe, Germany andreas.klein@sap.com
[15] A Method for Fast Revocation of Public Key Certificates and Security Capabilities Dan
Boneh dabo@cs.stanford.edu Xuhua Ding xhding@isi.edu Gene Tsudik gts@ics.uci.edu Chi
Wing Mong bc@cs.stanford.edu
[16] An Architecture for Secure Searchable Cloud Storage Robert Koletka Department of
Computer Science University of CapeTown, South Africa Email: robert.koletka@uct.ac.za
Andrew Hutchison Department of Computer Science University of Cape Town Cape Town,
South Africa Email: hutch@cs.uct.ac.za
[17] Source: tecnorati.com
[18] http://www.mulesoft.com/mule-esb-features
[19] http://www.soapui.org/About-SoapUI/features.html
[20] http://www.eclipse.org/downloads/moreinfo/java.php
[21] http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
[22] http://www.techno-pulse.com/2011/10/cloud-deployment-private-public-example.html
[23] http://www.databarracks.com/media/93800/aws_cloud_best_practices.pdf
Appendix
Appendix A
Figure A-7: The token generated in SoapUI is placed in the TestRead.java in Eclipse
Figure A-8: The path of the file to be stored and the token are placed in TestRead.java. Execute this and a key is
obtained
Figure A-9: Place the obtained key in the content part of the SoapUI (Upload) and execute
Figure A-11: Change the key in the Mule Studio Configuration XML to the name given in the Get Document SoapUI
Figure A-12: Document name is given and any random Id can be given. Execute this
Figure A-14: Place this key and the token obtained in the first step in the DecryptContent.java and execute
Appendix B
Test Client: Authentication(or registration) and upload of data
package com.test.teja.client;
import java.net.MalformedURLException;
import java.net.URL;
import java.rmi.RemoteException;
import javax.xml.rpc.ServiceException;
import com.toledo.university.test.AuthenticationResponse;
import com.toledo.university.test.AuthenticationService;
import com.toledo.university.test.AuthenticationServiceServiceLocator;
import com.toledo.university.test.UploadDocumentService;
import com.toledo.university.test.UploadDocumentServiceServiceLocator;
public class TestClient {
public static final String serviceUrl = "http://localhost:9777/services/register";
public static final String uploadServiceUrl = "http://localhost:9777/services/upload";
public static AuthenticationService service;
public static UploadDocumentService uploadService;
public static void main(String[] args) throws ServiceException, RemoteException {
// TODO Auto-generated method stub
URL portAddress;
AuthenticationResponse resp = new AuthenticationResponse();
try {
portAddress = getServiceURL(serviceUrl);
AuthenticationServiceServiceLocator locator = new
AuthenticationServiceServiceLocator();
service = locator.getAuthenticationServicePort(portAddress);
resp = service.authenticate("userName", "email", "firstName",
"lastName");
System.out.println(resp.getToken());
uploadcontent(resp.getToken());
} catch (MalformedURLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
publicclass DecryptContent {
/**
* @param args
*/
publicstaticvoid main(String[] args) {
// TODO Auto-generated method stub
String encryptedServerData =
"vYjQ8T+wr5GmoUSotW6nUBefNFpSoxJsSkdXY4wdpp1OLPh93l7fdXYtdoZHtBpav2N6Lbl
NUYP02QRs8bDtWsIS/R/iQ0JEaiPU3wI/H+akreSzXPLM8mfQ6pG4U8Qvm7RGDfhYMr3A
C/ViuURvhz69eMmEGG+Lyb6fVaD3HrlyBdptRZFWutR4y5WsNhLRuWKJHihBzUnhnX521
5qwsRFE2VZ62XCllPRZM/ehmO6ux3sMHuPeUL02M/IgA/TMH+hLXn6xCfw=";
String userToken =
"h7ZBm1IniyalBMvzCIPNbOv6nQwELnDvVzNRhNhhobrRyDumwDbBaimj4Y6GCztrPlZ4D
oL0XYQ=";
GenerateContent gcn = new GenerateContent();
System.err.println(gcn.decryptContent(encryptedServerData, userToken));
}
}
long filePosition = 0;
for (int i = 1; filePosition < contentLength; i++) {
// Last part can be less than 5 MB. Adjust part size.
partSize = Math.min(partSize, (contentLength - filePosition));
// Create request to upload a part.
UploadPartRequest uploadRequest = new UploadPartRequest()
.withBucketName(existingBucketName).withKey(keyName)
.withUploadId(initResponse.getUploadId()).withPartNumber(i)
.withFileOffset(filePosition)
.withFile(file)
.withPartSize(partSize);
// Upload part and add response to our list.
partETags.add(
s3Client.uploadPart(uploadRequest).getPartETag());
filePosition += partSize;
}
// Step 3: complete.
CompleteMultipartUploadRequest compRequest = new
CompleteMultipartUploadRequest(
existingBucketName,
keyName,
initResponse.getUploadId(),
partETags);
s3Client.completeMultipartUpload(compRequest);
} catch (Exception e) {
s3Client.abortMultipartUpload(new AbortMultipartUploadRequest(
existingBucketName, keyName, initResponse.getUploadId()));
}
}
}