Essay: Data access control

Data access control is an helpful way to make sure that data security in the cloud. Unpaid to data outsource and untrusted cloud servers, it can access control becomes a exigent matter in cloud storage systems. Cipher text-Policy characteristic based Encryption is regard as one of the most fit technologies for data access control in cloud storage, because it can gives to the data owners more direct control on access policies. However, it is complicated to nonstop apply existing older Cipher text-Policy. Attribute based Encryption schemes to data access control for cloud storage systems because of the attribute revocation problem.
1.1 CLOUD COMPUTING
Now a day’s cloud computing is an intelligently developed technology to store data from number of client. Cloud computing makes allows users to slightly store their valuable data over cloud. Remote backup system is the progressive technique which minimizes the cost of implementing more memory in an organization. It helps government agencies and enterprises to reduce financial overhead of data management. They can extract their data backups remotely to third party cloud storage providers than maintaining their own data centres. An individual or an organization does not require purchasing the storage devices. Instead they can store their data to the cloud and archive data to avoid information loss in case of system failure like hardware or software failures. Cloud storage is more flexible, but security and privacy are available for the outsourced data becomes a serious concern. To realize protected data transaction in cloud, proper cryptography method is used. The data owner must do after encryption of the file, and stores to in the cloud. If a third person downloads the file, they can view the record if they had the key which is used to decrypt the encrypted file. To overcome the problem Cloud computing is one of the emerging technologies, It is important to protect the data and privacy of user. Attribute-based Encryption is one of the most suitable schemes for data access control in public clouds for it can ensures data owners direct control over data and provide a fine-grained access control service. Till now, there are many ABE schemes proposed, which can be divided into two different categories: Key Policy Attribute-based Encryption (KP-ABE) as well as Cipher text Policy Attribute-based Encryption (CPABE). In KP-ABE schemes, decrypt keys are combined with access structures and in cipher texts it is labelled with special attribute sets, for attribute management and key distribution an authority is responsible. The authority may be the human resource department in a company, the registration office in a university, etc. The data owner defines the access policies and encrypts the data according to the defined policies. Every user will be issued a secret key reflecting its attributes. A user can decrypt the data whenever its attributes match the access policies. Right of entry control methods make sure that authorized user access data of the system. Access control is a policy or process that allows, denies or restricts access to system. It also monitors and record all attempts made to access a system. Access Control can also identify unauthorized users attempting to access a system. It is a method which is very much important for defence in computer security. The Cloud storage is a very important service in cloud computing. The Cloud Storage offers the services for data owners to crowd their data over cloud environment. A big challenge to data access control scheme is data hosting and data access services. Because data owners do not completely trust the cloud servers also so the data access control becomes a challenging issue in cloud storage systems.
1.2PROJECT MOTIVATION
The Ciper-text-policy attribute-based were encryption (CP-ABE) is concerning as one of the majority prominently technologies for data access control in cloud storage, since it gives data owner more directly control on right of entry policies.
on the other hand it is not easy to directly apply existing the CP-ABE system to data access control storage system. Because of the characteristic revocation problem. For that designed an expressive, efficient and recollect data access control method for multi-authority cloud storage systems.
1.3 PROJECT OBJECTIVE
• Contribution of data in multi-owner manner.
• Where multiple authorities co-exist and each authority was able to issue attributes independently.
• Single point bottleneck also.
• Every authority is distributed.
• Direct control on access control policies.
1.4 SCOPE OF THE PROJECT
Data owner should get direct controls on access policies, which is provided by Ciper-text-policy Encryption based (CP-ABE).due to attribute revoking not easy for applies existing CP-ABE schemes to data in cloud storage.
This efficient ,expressive and revokes that in data access control scheme in multi-authority storage cloud systems, in which there is a co-existence of numerous establishment to add there each will be able to issue independently attributes.
1.5PROJECT SUMMARY
The rest of the study proceeds as follows:
Chapter 1: project description
Chapter 2: focus the on the literature survey which helps recognize the older system and features of the proposed system is explained.
Chapter3: which gives explanation about hardware and software requirements.
Chapter 4: System design gives their overall explanation of the project modules.
Chapter 5: Detailed design of various description and diagrams
Chapter 6: Deals with the details of project implementation and its screen shots.
Chapter 7: Presents with testing application along with test case and results.
Chapter 8: Conclusion.
Chapter 9: Future enhancements.
Appendix A: Bibliography
1.6 COMPANY PROFILE:
CHAPTER 2
LITERATURE SERVEY
This system is the very most important step in software development process. Before developing the tool it is necessary to conclude the time thing, economy and company force. Once these things are satisfied, next steps are to determine which the operating system is and language can be used for increasing the tool. Once the programmers start building the tool the programmers need a lot of external support for developing process. This support can be obtainers Before building the system the above reflection are taken into account for developing the proposed system. In access control system for public cloud storage, brings a single –point bottleneck on both security and performance against the single authority for any specific attribute. User encrypts sensitive data, it is imperative that she establish a specific access control policy on who can decrypt this data.
2.1 EXISTING SYSTEM
• Not possible to trace the identity of the misbehaving users.
• Difficult to maintain dynamic groups.
• Data owners store the encrypted data files in entrusted storage and deal out the matching decryption keys only to authorized users.
• A secure provenance scheme based on theirs cipher text-policy attribute-based encryption technique, in which allows any member in a group to share data with others.
2.1.1 DISADVANTAGES OF EXISTING SYSTEM:
• Chase’s protocol does not support attribute revocation.
• It is not possible for their trace which users convert as a false file.
• Users are also modifying the data, that kind of possibility is available here.
• Without permission everyone easily sharing the file to all members.
• Group Manager doesn’t communicate with group members.
• All group members also possible to revocation
2.1.2 PROPOSED SYSTEM:
• We propose a secure multi-owner data sharing scheme.
• Our proposed scheme is able to support dynamic groups efficiently.
• We make available secure and privacy-safeguard access control to users.
• Each group members having different public key.
• Owner of the application only possible to revocation.
• Without giving there authorization data sharing not possible in the system.
2.1.3 ADVANTAGES OF PROPOSED SYSTEM:
• We change the framework of the scheme and to make it more realistic to cloud storage systems, in which data owners are not concerned in the key generation.
• We really get better the efficiency of the attribute revocation method.
• High Security services.
• Minimize the convolution of private key.
• Maintain the data as a approachable data without giving access to any unauthorized users.
2.2 FEASIBILITY STUDY
The project is evaluated in this study and business offer is put into view with a very all-purpose plan for the project and some cost estimates. Through system study the feasibility study of the proposed system is to be supported. This is to confirm that the proposed system is not a drain to the corporation. For feasibility analysis, some accepting of the major requirements for the system is necessary.
Three key concerns elaborate in the feasibility analysis below.
2.2.1 ECONOMICAL FEASIBILITY
This study is carried to check the economic influence that the system will have on the association. The amount of deposit that the company can transfer into the investigation and improvement of the system is restricted. The disbursements must be justified. Thus the advanced system as well within the reasonable and this was accomplished. Only the modified products had to be acquired.
2.2.2 TECHNICAL FEASIBILITY
This study is approved out to check the technical feasibility, that is, the practical necessities of the system. Any system established must not have a great request on the available technical properties. This will tend to high loads on the presented technical properties. This will lead to high difficulties being placed on the client. The advanced system must have a retiring necessity, as only slight or null changes are essential for implementing this system.
2.2.3 SOCIAL FEASIBILITY
The part of this study is to check the level of receiving of the system by the user. This contains the course of teaching the user to use the system professionally. The user must not feel helpless by the system, instead must agree to take it as a requirement. The level of receiving by the users uniquely depends on the methods that are hired to instruct the user about the system and to create him aware with it. His level of confidence must be raised up so that he is also capable to make some productive disapproval, which is received, as he is the final user of the system.
CHAPTER 3
SOFTWARE REQUIREMENT SPECIFICATION
Software requirement specification (SRS) is main phase in the software development process. The purpose of this phase is to extract all the system requirements. This phase involves the specifying the users requirements and document them, these documents are divided into the various modules, which helps for the developer to implementation of the software.
3.1 FUNCTIONAL REQUIREMENTS:
3.1.1 Cloud Server:
The cloud service contributor manages a cloud to make available data storage service to the data owners encrypt their data files and to store them in the cloud for contribution with data regulars. To access the shared data files.
3.1.2Data Encryption and Decryption:
All the legal users were in the system can generously query any involved encrypted and decrypted data. Upon getting key the user runs on the decryption algorithm to do the cipher text by using its private keys and from different Attribute Authorities (AAs). Only the the user can possesses gratify the access structure defined in the cipher text CT, the user can get the secret key.
3.1.3Authority:
Authorities from diverse domain supply the attributes to the end users. One end consumer can have the attributes given from different authorities and even when the authorities can give the attributes to different end user or people. Only the end users who have the endorsed attributes can be access the particular files were the uploaded file.
3.1.4 Improved Security:
This presently designed algorithm is responsible for making improved security to the data stored. It can generates the email message to the data owners to that some attack has been occurred by the malevolent user. Then the data owner can take the additional action by blocking that user. If there any attacker modifies some of file then it informs to the data owner about the modification when the data owner verifies that file.
3.2 NON-FUNCTIONAL REQUIREMENT:
Non-functional requirements are those which not directly connected to the functions that are carried out in the system. Non-functional requirement places the constraints on the system development, these special constraints that are system need to meet.
The principal non-functional constraints which are relevant to critical systems: ‹
1. Performance
2. Safety
3. Security
4. Reliability
3.2.1 Performance Requirement:
• The system response time should be less, it must be interactive.
• While opening database, inserting records the action – response time must be less than the 2 seconds.
• The system must give uninterrupted connection.
3.2.2 Safety Requirement:
• The information should be securely store in the server without any manipulation of the data.
• Servers should be placed in the secure place so that the data should not get affected by the physical aspects.
3.2.3 Security Requirement:
• Login options are given to user so that data cannot be misused by other.
• The database operators also have the username and password option so that data transition between the server and user interface happens in secure manner.
3.2.4 Reliability Requirement:
• Software should be developed in such a way that it should work in the any system with or without minor changes to it.
• Should choose the right tools and environment for the development of software so it they can support all type of system.
3.3 TOOLS AND TECHNOLOGIES
3.3.1. Standard Specification
Model 2 (MVC) Architecture
The model 2 is the MVC architecture which contains of 3 modules controller, model and the view which are placed in the container. Model 2 architecture provides the security for the system as the whole model is placed in the container it has only one way for giving data and the exiting of the data. In this architecture each models are separately coded which helps in the reusability of the system.
Fig 3.3.1 Model 2 MVC architecture
• Model (M): The model consists of the service and the data which has the business and the persistence logic. The business logic is implemented with the help of the java or web service. The persistence logic is implemented with the help of JDBC or Hibernate, the persistence logic is used to provide the connection between the system and the database.
• View (V): The view consists of the presentation logic, it helps in the displaying the data from browsers. This layer is implemented with the help of the HTML, JSP
• Controller (C): The Controller is implemented with the help of the servlet. This layer act as the interface between the view and the model. The controller accepts the request the request from browser and sends the response call the model or the view accordingly.
In the Model 2 to view the data controller collects the input from the browser and call the service layer, the service layer calls the DAO for the database operation, once the database operation over the data returns to the service layer and to the controller, from controller to the view which displays the data on the browser.
3.3.2 Hypertext Markup Language
• HTML is the mark up language it is used to describe the web pages.
• HTML contains tags to which defies the web pages, it is not the programming language.
• HTML tags are not user-defined one they are the keywords which are placed inside the angular brackets <>.
• HTML code can be written in different editors like: Netbeans, EidtPlus, Notepad++ and many more
3.3.2. Cascading Style Sheet
• CSS is the markup language which is used for the presentation purpose.
• CSS makes the web pages more dynamic and user friendly.
• Styles can be provided for an element they are the inline css.
• Styles can be applied for website, by storing the style in separate file and added externally. Which helps in the reusability of the code
3.3.3. Java Server Page
• Java Server page (JSP) provides the dynamically contents for the web- pages.
• JSP allows to write the java code write anywhere in the page starting and ending with the <% %> symbols respectively.
• JSP also allows static web contents like (XML or HTML) tags.
• JSP technology is the combination of both static and the dynamic contents.
• In JSP engine can able to add the additional extension by using the web.xml.
3.3.4. Java
• Java is the high-level object oriented programming language.
• Java provides the reliability, which helps to execute codes in any system.
• While executing java program first the compiler will create new .class file for the .java file by translating to byte code.
• The byte code is changed to machine code with the help of Just in Time Compiler and display results.
• Java compiles the code and display the result in the console, which helps for the developer to find the error while running the application.
3.3.5. JDBC
• JDBC is the standard API for Java, which is used to connect the database servers and the Java program.
• JDBC is the product of the SUN, which are developed mainly to provide the API between server and the ui
• JDBC offers the SQL database operating like inserting, updating records to the database.
• JDBC offers the plug-ins for the particular servers. Need to add those plug-in of the server to connect between the server and the program.
•
3.3.6. Mysql
• Mysql is the open source management system.
• Multi-users access to the number of databases provided by the Mysql server, which uses the standard query language for the operations.
• For the web applications Mysql is the best choice for database, as it is the centralized component.
• Mysql is compatible with all operating system, it support multi-language and remotely configured.
Mysql>SELECT CURRENT VERSION
Mysql> USE RAJKUMAR SYSTEM;
3.3.7 Eclipse: it is used in developing applications. it contains a base working area and an extensible plug-in the system for customize the environment. Eclipse can be writing most probably in java and its primary use is for developing java application, but it may also be used to develop in other programming through including: ADA C, C++, and COBOL FORTRAN.
3.4 HARDWARE AND SOFTWARE REQUIREMENTS
Hardware Requirements
• Processor : Intel I3 above
• Speed : 766MHZ and above
• RAM : 8GB
• Hard Disk : 1TB
Software Requirements
• Operating system : Windows 8.1
• Coding Language : Java
• Web Technologies : HTML, JSP, CSS
• Tool used : Eclipse
• Database : MySql 5.
CHAPTER 4
SYSTEM DESIGN
4.1 System architecture:
The systems architecture describes the structure of system. This is the conceptual model which tells the high level overview of system, in which system defines the objects of the system and the between these objects.
Fig:System arthitecture
Sub systems are the sub branch of every large System. The Architecture of the system will help to know about system as well as related parts. System architecture is the conceptual model which will help as to know about working, behavior etc. This will show the ability of the system what all task it can perform.
4.2 Context Diagram
In system design we are using many of the diagrams to represent our system in understandable to the developer. For that we are using the DFD, expended as data flow diagram the name as it will show the flow of the data presented in the system. The DFD can be represented in number of levels.
Zero Level DFD
The above figure shows data flow diagram level 0 which admin logs for doing register and making key distribution and authority for multi copy
First Level DFD:
This figure show the level one data flow diagram which are after login group member or user should register and read or write files and stores in the cloud itself.
Second level DFD:
The second level daigram which shows whole project flow in this diagram after user registraion the member shuold do key giving out and read or write data for uploading file with allocates private key.
CHAPTER 5
DETAILED DESIGN
5.1 Use Case Diagram
This will show the relationship between the actor and the system. Actor is nothing but the user of the system. The use case must contain at least one performer or it can have more than one also. Actors are use as the agents in the use case Actor may act as internal or external agents. This diagram illustrates the relationship between the actor and the use cases.
Fig: 5.1 Use Case
Above shows the use case diagram in this project which works with user or admin ,and client user register with authentication by giving correct password security and the group manager or user can have private key for uploading a file.
5.2 Sequence Diagram:
Sequence of the activity can be displayed by using the sequence diagram. It model will collaborate the object with respect to time. The object interaction with the user and some other object can be displayed in this diagram. Actor, life line etc. are used to draw the sequence diagram.
Fig: 5.2 Sequence Diagram
The above figures shows the sequence diagram while seeing this diagram people can understand for clearly about this project, where life line and recursive messages shows the clear flow of the project where admin does login and cloud access or stores the password and user name request data for file uploading while at the encryption and decrypt the data before that creates private key .
5.3 COLLABORATION DIAGRAM
In UML diagrams we have collaboration diagram. This is also known as communication diagram. It shows the relationship between the object and the related methods. in collaboration four-sided figure box represent the entity associates with the system and the line show the connection along with the message.
Fig: 5.3 Collaboration Diagram
The above UML collaboration diagram shows communication of the system its showing above relationship from one object to another object.
5.4 ACTIVITY DIAGRAM
Activity diagram is the one of the UML diagram which indicates the flow of the activity. It is like flow chart. It represents the flow from one object to another. The flow can be there will be continues, branching or parallel.
Fig: 5.4 Activity Diagram
The above activity diagram shows the graphical workflow where user first login from proxy server and registers from cloud members to group provider and access key .
5.5 DATABASE DESIGN
Entity Relationship Diagram(ER Diagram)
ER Diagram describes the detailed data model of the database in a graphical manner which shows the relationship between the entities and the database. ER Diagram represents the real world objects with the essential description. The different Components of the ER
like entities, attributes, relationship.
• Entity: Entity is the basic object of ER model, which is the real world thing with an independent existence, physical existence or the conceptual existence. The graphical representation is rectangle shape.
• Attribute: Attributes describes the entity properties. The attribute value of the entities become the major part of the database while storing the data. The graphical representation of the attribute is oval shape
• Relationship: Relationship describes the relation between the several entities. The graphical representation of relationship is diamond shape.
FIG: 5.5 ER-Diagrams
Above shows the Entity relationship diagram for multi authority, admin logins and for registration purpose for the user does works on the this application for key generation and upload the multi authority file with secret key.
5.6Class Diagram
Class diagram is not only used for the documenting different conditions but also used for building the executable code. The class diagrams contain the attributes and the methods in it. This UML diagram is used mainly in the object oriented system because it is easy to translate this in to the object and class in development.
Fig: 5.6 Class Diagram
The above figure shows the class diagram for expressive efficient multi authority ,user should registers and it stores in the cloud then when user need to employment with this application user name and password should match and do encryption log files give the private key to the files then after compare and update or delete file .
CHAPTER 6
IMPLEMENTATION
6.1 Modules in the project
1. Certificate Authority
2. Attribute Authorities
3. Data Owners
4. Cloud Server
5. Data Consumers
MODULES DESCRIPTION:
1. Certificate Authority:
The CA is a worldwide trusted certificate authority in the system. It sets up the system and accept the registration of all the users who want register and AA is in the system. For each legal user in the system. The CA will assign a worldwide single user identity to it and also generates a universal public key for this user. However the CA is not mixed up in any attribute management and the creation of secret keys that are connected with attributes.
2. Attribute Authorities
Every AA is an self-governing attribute authority that is accountable for entitle and revoking user’s attributes consistently to their role or uniqueness in its domain. In our method, every attribute is associated with a single AA, but each AA can manage an random number of attributes. AA has complete control on the structure and semantics of its attributes. Each AA is dependable for creates a public element key for each element it will manage and a secret key for each user sparkly his/her attributes.
3. Data Consumers
Each user has a inclusive identity in the system. A user may be entitled a set of attributes which may come from many attribute authorities. The user will accept a secret key connected with its attributes allowed by the corresponding attribute authorities.
4. Data Owners
Each proprietor first divides the data into a number of components according to the logic structure and encrypts each and every data were constituent with different contented keys by using symmetry encryption techniques. Then the proprietor defines the right to use policies over attributes from multiple element establishments and encrypts the substance keys under the policies.
5. Cloud Server
Then, user sends the encrypted data to the cloud server together with the cipher texts. They do not ability on the server to do data access control. But the admittance control will happen within the cryptography. That is only when the user’s attributes satisfy the access policy distinct in the cipher text then user is able to decrypt the cipher text.
6.1.1Pseudo Code:
Database connection
SNAPSHOTS
Description: User get a home page first when after execution of the project and this window helps to execute a whole application.
Fig: 1.Home page
Description: The below window shows the text boxes to type in user id and password for login page for the admin.
Fig: 2 Admin login page
Description: The below window shows after admin login page, for allocates user private key.
Fig: 3 admin sign in page
Description: when admin login with his user id and password if in case he for got his id and password he will get the below window the Admin when entered wrong password.
Fig: 4 admin given wrong password
Description: The below window showing for user sing in text boxes with having every details about user should gives all the details.
Fig: 5 user sign in
Description: Data owner which means user successfully signup for next data owner or user login.
Fig:6 data owner
Description: the below window which is user login from data owners who will be upload the files and view files.
Fig: 7 user login
Description: after data owner login window which shows the registration no user name, DOB, E-mail, and phone, etc
Fig: 8after user login
Description: when after data owner sign in in this below window user can upload some files
Fig 9: data owner profile
Description: this below window shows the data owners uploaded files
Fig: 10 uploaded files by data owner
Description: this window shows the below list of files after uploaded files by data owners and user can view these files also.
Fig: 11 list of files
Description: for the uploading file user again login to the this window.
Fig:12 user login for file uploading
Description: user viewing and uploaded files we can see her below window.
Fig: 13 list of files for uploading
Description: when admin wants to set the security key then click on button which is in the window that is click here and set the private key.
Fig: 14 setting the security key
Description: after setting or file view uploading we were get the security key so enter the security it get to the given valid e-mail id.
Fig: 15 get secret key
Description: after setting private key when we set the private key then it comes the message to our valid e-mail enter the key.
Fig: 16 Key sent to our mail id
Description: here this window shows the conformation message to in our mail id.
Fig: 17 get private key in e-mail
Description: after getting the private key user can view the file.
Fig: 18 viewing files
CHAPTER 7
TESTING AND RESULTS
Testing:
The purpose of testing is to notice the errors. Testing is the procedure of trying to determine every possible fault or dimness in a work product. It offers a way to check the functionality of components, sub-assemblies, and/or a finished product. It is the procedure of training software with the dedicated of certifying that the Software system meets its requirements and user opportunity and does not fail in an improper manner. There are various types of test. Each test type reports a definite testing requirement.
Test design:
Testing designs are of two types:
1. White box testing:
This is also known as glass box testing. Here known product function has been designed to conduct test, that shows the operation of function and also check the error in function.
To develop the test case, control structure of design can use in the test case design.
2. Black box testing:
Here we know the integral product of an operation in the testing, appears test to ensure ‘all network’ that is perform according to inside operation and it is adequately exercised to the all internal component.
Steps to black box test:
• Graphical basis test method.
• Equivalent partition.
• Analysis of boundary value.
• Testing comparison.
Testing Levels
All main activities of several testing level are described below:
7.1 Unit Testing
7.2 Integration Testing
7.3 Functional Testing
7.4 System Testing
7.5 Acceptance testing
7.1 Unit Testing
Unit test is a testing of solitary software unit of the application. It is completely done after the completion of an single unit before integration, that depends on knowledge of its building.
Basically Unit test perform basic tests at constituent level and test a exact business.
7.2Integration Testing
These tests are planned to test integrated software constituents to determine if they actually run as one program or not. Testing is event focused and is more worried with the essential product of fields. Integration tests establish that although the components were separately fulfilment, as shown by effectively unit testing, the combination of components is accurate and reliable. Integration testing is specifically describes about data flow between two modules
7.3 Functional Testing
Functional tests offer systematic demonstrations that tasks tested are available as specified by the business and technical necessities, system documentation, and user manual the below testing table.
Functional testing is focused on the following objects:
Table 7.1: Functional Test
Valid Input Identified classes of valid input must be accepted.
Invalid Input Identified classes of null input must be discarded
Functions Identified function must be exercised
Output Identified the classes of application outputs must be exercise
Systems/Procedures Interfacing systems or procedures must be invoked.
Union and planning of functional tests is concentrated on requirements, key functions, or special test cases. In addition, systematic handling relating to identify Business process flows; data field, predefined processes, and successive processes must be measured for testing. Before functional testing is complete, supplementary tests are identified and the actual value of current tests is resolute.
7.4System Testing
System testing certifies that the whole integrated software system meets requirements or not. It tests a formation to confirm known and expected results. An example of system testing is the arrangement sloping the system integration test. System testing is constructed on course descriptions and flows, underlining pre-driven process links and integration points.
7.5 Acceptance testing
User acceptance testing is a serious segment of any project and involves major participation by the end user. It also confirms that the system meets the functional requirements.
TEST CASES
Here are the test cases and the expected outcomes which included the test plan to develop the Project.
Case 1:
Table 7.1 Test case and expected result to verify results
Test Case Number 01
Test Case Name Verify That Application can be loaded successfully
Sample Input Loading in Browser
Expected Output Application Should be Load Successfully
Actual Output Application Loaded Successfully
Remark Pass
Case 2:
Table 7.2 Test case and expected result for checking the functionalities in all browsers
Test Case Number 02
Test Case Name Verify the user by Entering valid Username and correct Password. Then click OK button
Sample Input Authentication.
Expected Output User should be able to view corresponding Home page of the application should be displayed.
Actual Output Same as expected
Remark Pass
Case 3:
Table 7.3 Test case and expected result for Authentication.
Test Case Number 04
Test Case Name Verify the user by Entering Invalid Username and invalid Password. Then click on the OK button
Sample Input Invalid Username and password
Expected Output Appropriate wrong message should be displayed and the cursor must wait in the Password field
Actual Output Same as expected
Remark Pass
CHAPTER 8
CONCLUSION
In this CPABE is successfully implemented for revocable multi-authority system that shows support efficiency in attribute revocation and uploading and updated data with private key generation
And also constructed an effective data access control scheme for multi authority in cloud storage system. This scheme of CPABE is a effective technique, which should be applied in remote storage system also online social networks and so on.
Data access control is an helpful way to make sure that data security in the cloud. Unpaid to data outsource and untrusted cloud servers, it can access control becomes a exigent matter in cloud storage systems. Cipher text-Policy characteristic based Encryption is regard as one of the most fit technologies for data access control in cloud storage, because it can gives to the data owners more direct control on access policies. However, it is complicated to nonstop apply existing older Cipher text-Policy. Attribute based Encryption schemes to data access control for cloud storage systems because of the attribute revocation problem.
1.1 CLOUD COMPUTING
Now a day’s cloud computing is an intelligently developed technology to store data from number of client. Cloud computing makes allows users to slightly store their valuable data over cloud. Remote backup system is the progressive technique which minimizes the cost of implementing more memory in an organization. It helps government agencies and enterprises to reduce financial overhead of data management. They can extract their data backups remotely to third party cloud storage providers than maintaining their own data centres. An individual or an organization does not require purchasing the storage devices. Instead they can store their data to the cloud and archive data to avoid information loss in case of system failure like hardware or software failures. Cloud storage is more flexible, but security and privacy are available for the outsourced data becomes a serious concern. To realize protected data transaction in cloud, proper cryptography method is used. The data owner must do after encryption of the file, and stores to in the cloud. If a third person downloads the file, they can view the record if they had the key which is used to decrypt the encrypted file. To overcome the problem Cloud computing is one of the emerging technologies, It is important to protect the data and privacy of user. Attribute-based Encryption is one of the most suitable schemes for data access control in public clouds for it can ensures data owners direct control over data and provide a fine-grained access control service. Till now, there are many ABE schemes proposed, which can be divided into two different categories: Key Policy Attribute-based Encryption (KP-ABE) as well as Cipher text Policy Attribute-based Encryption (CPABE). In KP-ABE schemes, decrypt keys are combined with access structures and in cipher texts it is labelled with special attribute sets, for attribute management and key distribution an authority is responsible. The authority may be the human resource department in a company, the registration office in a university, etc. The data owner defines the access policies and encrypts the data according to the defined policies. Every user will be issued a secret key reflecting its attributes. A user can decrypt the data whenever its attributes match the access policies. Right of entry control methods make sure that authorized user access data of the system. Access control is a policy or process that allows, denies or restricts access to system. It also monitors and record all attempts made to access a system. Access Control can also identify unauthorized users attempting to access a system. It is a method which is very much important for defence in computer security. The Cloud storage is a very important service in cloud computing. The Cloud Storage offers the services for data owners to crowd their data over cloud environment. A big challenge to data access control scheme is data hosting and data access services. Because data owners do not completely trust the cloud servers also so the data access control becomes a challenging issue in cloud storage systems.
1.2PROJECT MOTIVATION
The Ciper-text-policy attribute-based were encryption (CP-ABE) is concerning as one of the majority prominently technologies for data access control in cloud storage, since it gives data owner more directly control on right of entry policies.
on the other hand it is not easy to directly apply existing the CP-ABE system to data access control storage system. Because of the characteristic revocation problem. For that designed an expressive, efficient and recollect data access control method for multi-authority cloud storage systems.
1.3 PROJECT OBJECTIVE
• Contribution of data in multi-owner manner.
• Where multiple authorities co-exist and each authority was able to issue attributes independently.
• Single point bottleneck also.
• Every authority is distributed.
• Direct control on access control policies.
1.4 SCOPE OF THE PROJECT
Data owner should get direct controls on access policies, which is provided by Ciper-text-policy Encryption based (CP-ABE).due to attribute revoking not easy for applies existing CP-ABE schemes to data in cloud storage.
This efficient ,expressive and revokes that in data access control scheme in multi-authority storage cloud systems, in which there is a co-existence of numerous establishment to add there each will be able to issue independently attributes.